Permalink
Browse files

Fixing STIX Format

IP/Hash had invalid CVE formats, CVE/MS samples had exploit_target in
incorrect place in XML.
  • Loading branch information...
Travis Smith
Travis Smith committed Aug 28, 2015
1 parent 53ee4f2 commit 2db1f43f6f2c75f52bf21f7e59b0a82c95359134
Showing with 24 additions and 24 deletions.
  1. +11 −11 VulnXML/CVE-2014-6271.xml
  2. +1 −1 VulnXML/IPV4-10.10.10.10.xml
  3. +1 −1 VulnXML/MD5-ffffffffffffffffffffffffffffffff.xml
  4. +11 −11 VulnXML/MS15-034.xml
View
@@ -26,17 +26,6 @@
http://cybox.mitre.org/XMLSchema/objects/Network_Connection/2.1/Network_Connection_Object.xsd"
id="heavd:STIXPackage-0196d980-60d9-4717-b7c5-bf7bc27a35d4"
version="1.1.1">
<stix:Exploit_Targets>
<stixCommon:Exploit_Target
xsi:type="et:ExploitTargetType"
id="heavd:et-48a276f7-a8d7-bba2-3575-e8a63fcd488"
timestamp="2015-01-21T09:00:00.000000Z">
<et:Title>USN-2362-1: Bash Vulnerability</et:Title>
<et:Vulnerability>
<et:CVE_ID>CVE-2014-6271</et:CVE_ID>
</et:Vulnerability>
</stixCommon:Exploit_Target>
</stix:Exploit_Targets>
<stix:Indicators>
<stix:Indicator xsi:type="indicator:IndicatorType" timestamp="2015-04-27T09:00:00.000000Z" id="heavd:indicator-8d88dd33-1e16-4814-814e-662fb0ac742f">
<indicator:Title>ShellShock</indicator:Title>
@@ -70,4 +59,15 @@
</indicator:Observable>
</stix:Indicator>
</stix:Indicators>
<stix:Exploit_Targets>
<stixCommon:Exploit_Target
xsi:type="et:ExploitTargetType"
id="heavd:et-48a276f7-a8d7-bba2-3575-e8a63fcd488"
timestamp="2015-01-21T09:00:00.000000Z">
<et:Title>USN-2362-1: Bash Vulnerability</et:Title>
<et:Vulnerability>
<et:CVE_ID>CVE-2014-6271</et:CVE_ID>
</et:Vulnerability>
</stixCommon:Exploit_Target>
</stix:Exploit_Targets>
</stix:STIX_Package>
@@ -36,7 +36,7 @@
<et:Title>malcode.com observable</et:Title>
<et:Vulnerability>
<et:Description>maliciousIPV4</et:Description>
<et:CVE_ID>IPV4-10.10.10.10</et:CVE_ID>
<et:CVE_ID>CVE-2015-0000</et:CVE_ID>
</et:Vulnerability>
</stixCommon:Exploit_Target>
</stix:Exploit_Targets>
@@ -41,7 +41,7 @@
<et:Title>malc0de.com observable</et:Title>
<et:Vulnerability>
<et:Description>maliciousMD5</et:Description>
<et:CVE_ID>MD5-ffffffffffffffffffffffffffffffff</et:CVE_ID>
<et:CVE_ID>CVE-2015-0000</et:CVE_ID>
</et:Vulnerability>
</stixCommon:Exploit_Target>
</stix:Exploit_Targets>
View
@@ -23,17 +23,6 @@
id="heavd:STIXPackage-0196d980-60d9-4717-b7c5-bf7bc27a35d4"
version="1.1.1">
<stix:Exploit_Targets>
<stixCommon:Exploit_Target
xsi:type="et:ExploitTargetType"
id="heavd:et-48a276f7-a8d7-bba2-3575-e8a63fcd488"
timestamp="2015-04-24T09:00:00.000000Z">
<et:Title>MS15-035 HTTP.sys Vulnerability</et:Title>
<et:Vulnerability>
<et:CVE_ID>CVE-2015-1635</et:CVE_ID>
</et:Vulnerability>
</stixCommon:Exploit_Target>
</stix:Exploit_Targets>
<stix:Indicators>
<stix:Indicator xsi:type="indicator:IndicatorType" timestamp="2015-04-24T09:00:00.000000Z" id="heavd:indicator-8d88dd33-1e16-4814-814e-662fb0ac842f">
<indicator:Title>MS15-035 Exploit Detection</indicator:Title>
@@ -69,4 +58,15 @@
</indicator:Observable>
</stix:Indicator>
</stix:Indicators>
<stix:Exploit_Targets>
<stixCommon:Exploit_Target
xsi:type="et:ExploitTargetType"
id="heavd:et-48a276f7-a8d7-bba2-3575-e8a63fcd488"
timestamp="2015-04-24T09:00:00.000000Z">
<et:Title>MS15-035 HTTP.sys Vulnerability</et:Title>
<et:Vulnerability>
<et:CVE_ID>CVE-2015-1635</et:CVE_ID>
</et:Vulnerability>
</stixCommon:Exploit_Target>
</stix:Exploit_Targets>
</stix:STIX_Package>

0 comments on commit 2db1f43

Please sign in to comment.