Issue #70

Merge branch 'issue_70_add_check_for_OSVDB_108570' Conflicts: Changelog.md lib/codesake/dawn/knowledge_base.rb spec/lib/dawn/codesake_knowledgebase_spec.rb
thesp0nge · Jul 8, 2014 · 6964af9 · 6964af9
2 parents cc34d41 + 4dd568a
commit 6964af9
Show file tree

Hide file tree

Showing 5 changed files with 56 additions and 1 deletion.
diff --git a/Changelog.md b/Changelog.md
@@ -13,6 +13,8 @@ _latest update: Fri Apr 18 07:55:10 CEST 2014_
 * Adding a check for CVE-2013-2105: HTML injection in show_in_browser rubygem
 * Fixing issue #68. I moved some file variable operation after the check for
   nil value. I can't reproduce on my station the offending bug :-(
+* Adding a check for OSVDB-108570: arbitrary command execution for
+  backup_checksum gem (issue #70)
 
 ## Version 1.1.3 - codename: Lightning McQueen (2014-05-06)
 

diff --git a/lib/codesake/dawn/kb/osvdb_108570.rb b/lib/codesake/dawn/kb/osvdb_108570.rb
@@ -0,0 +1,29 @@
+module Codesake
+	module Dawn
+		module Kb
+			# Automatically created with rake on 2014-07-04
+			class OSVDB_108570
+				include DependencyCheck
+
+				def initialize
+          message = "backup_checksum Gem for Ruby contains a flaw in /lib/backup/cli/utility.rb that is triggered when handling metacharacters. This may allow a remote attacker to execute arbitrary commands."
+           super({
+            :name=> "OSVDB-108570",
+            :cvss=>"",
+            :osvdb=> "108570",
+            :release_date => Date.new(2014, 6, 30),
+            :cwe=>"",
+            :owasp=>"A9",
+            :applies=>["rack", "sinatra", "padrino", "rails"],
+            :kind=>Codesake::Dawn::KnowledgeBase::DEPENDENCY_CHECK,
+            :message=>message,
+            :mitigation=>"We are not currently aware of a solution for this vulnerability. Please check backup_checksum rubygem for upgrades",
+            :aux_links=>["http://www.vapid.dhs.org/advisories/backup_checksum-3.0.23.html"]
+           })
+           self.safe_dependencies = [{:name=>"backup_checksum", :version=>['3.0.24']}]
+
+				end
+			end
+		end
+	end
+end
diff --git a/lib/codesake/dawn/knowledge_base.rb b/lib/codesake/dawn/knowledge_base.rb
@@ -223,6 +223,7 @@
 
 require "codesake/dawn/kb/osvdb_105971"
 require "codesake/dawn/kb/osvdb_108569"
+require "codesake/dawn/kb/osvdb_108570"
 
 
 module Codesake
@@ -468,7 +469,7 @@ def load_security_checks
           # OSVDB Checks are still here since are all about dependencies
           Codesake::Dawn::Kb::OSVDB_105971.new,
           Codesake::Dawn::Kb::OSVDB_108569.new,
-
+          Codesake::Dawn::Kb::OSVDB_108570.new,
         ]
         # END @cve_security_checks array
         # START @owasp_ror_cheatsheet_checks array

diff --git a/spec/lib/dawn/codesake_knowledgebase_spec.rb b/spec/lib/dawn/codesake_knowledgebase_spec.rb
@@ -908,4 +908,10 @@
     sc.should_not   be_nil
     sc.class.should == Codesake::Dawn::Kb::OSVDB_108569
   end
+
+  it "must have test for OSVDB-108570" do
+      sc = kb.find("OSVDB-108570")
+        sc.should_not   be_nil
+          sc.class.should == Codesake::Dawn::Kb::OSVDB_108570
+  end
 end
diff --git a/spec/lib/kb/osvdb_108570_spec.rb b/spec/lib/kb/osvdb_108570_spec.rb
@@ -0,0 +1,17 @@
+require 'spec_helper'
+describe "The OSVDB-108570 vulnerability" do
+	before(:all) do
+		@check = Codesake::Dawn::Kb::OSVDB_108570.new
+		# @check.debug = true
+	end
+  it "is reported when a vulnerable version it has been found (3.0.23)" do
+    @check.dependencies = [{:name=>"backup_checksum", :version=>"3.0.23"}]
+    @check.vuln?.should   be_true
+  end
+  it "is not reported when a safe version it has been found (0.4.15)" do
+    @check.dependencies = [{:name=>"backup_checksum", :version=>"3.0.24"}]
+    @check.vuln?.should   be_false
+  end
+  it "must be filled with CVE identifier"
+  it "must be filled with CVSS information"
+end