-
Notifications
You must be signed in to change notification settings - Fork 1.5k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #23586 from wazuh/enhancement/23548-high-impact-vu…
…lnerabilities Test cases for High impact vulnerabilities
- Loading branch information
Showing
22 changed files
with
293 additions
and
0 deletions.
There are no files selected for viewing
23 changes: 23 additions & 0 deletions
23
src/wazuh_modules/vulnerability_scanner/qa/test_data/016/Readme.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,23 @@ | ||
# Description | ||
|
||
Vulnerability detection validation for **_openssl_** package. | ||
|
||
## CVE | ||
|
||
- CVE-2014-0160 | ||
|
||
# Platforms | ||
|
||
## Ubuntu Jammy | ||
|
||
- Input events | ||
- [001](input_001.json) | ||
- [002](input_002.json) | ||
- [003](input_003.json) | ||
- [004](input_004.json) | ||
|
||
| Name | Version | Feed | Expected | | ||
|-----------|-------------------|-----------|----------------| | ||
| openssl | 3.0.2-0ubuntu1.15 | Canonical | Not vulnerable | | ||
| openssl | 1.0.1 | NVD | Vulnerable | | ||
| openssl | 1.0.1g | NVD | Not vulnerable | |
1 change: 1 addition & 0 deletions
1
src/wazuh_modules/vulnerability_scanner/qa/test_data/016/expected_001.out
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
[] |
1 change: 1 addition & 0 deletions
1
src/wazuh_modules/vulnerability_scanner/qa/test_data/016/expected_002.out
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
[] |
3 changes: 3 additions & 0 deletions
3
src/wazuh_modules/vulnerability_scanner/qa/test_data/016/expected_003.out
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
[ | ||
"Match found, the package 'openssl', is vulnerable to 'CVE-2014-0160'. Current version: '1.0.1' (less than '1.0.1g' or equal to ''). - Agent '' (ID: '001', Version: '')." | ||
] |
3 changes: 3 additions & 0 deletions
3
src/wazuh_modules/vulnerability_scanner/qa/test_data/016/expected_004.out
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
[ | ||
"No match due to default status for Package: openssl, Version: 1.0.1g while scanning for Vulnerability: CVE-2014-0160" | ||
] |
23 changes: 23 additions & 0 deletions
23
src/wazuh_modules/vulnerability_scanner/qa/test_data/016/input_001.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,23 @@ | ||
{ | ||
"agent_info": { | ||
"agent_id": "001" | ||
}, | ||
"data_type": "state", | ||
"data": { | ||
"attributes_type": "syscollector_osinfo", | ||
"attributes": { | ||
"architecture": "x86_64", | ||
"hostname": "jammy", | ||
"os_codename": "jammy", | ||
"os_major": "22", | ||
"os_minor": "04", | ||
"os_name": "Ubuntu", | ||
"os_patch": "1", | ||
"os_platform": "ubuntu", | ||
"os_version": "22.04.1 LTS (Jammy Jellyfish)", | ||
"release": "5.15.0-107-generic", | ||
"sysname": "Linux", | ||
"version": "#117-Ubuntu SMP Fri Apr 26 12:26:49 UTC 2024" | ||
} | ||
} | ||
} |
21 changes: 21 additions & 0 deletions
21
src/wazuh_modules/vulnerability_scanner/qa/test_data/016/input_002.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
{ | ||
"agent_info": { | ||
"agent_id": "001" | ||
}, | ||
"data_type": "dbsync_packages", | ||
"data": { | ||
"architecture": "amd64", | ||
"description": "Secure Sockets Layer toolkit - cryptographic utility", | ||
"format": "deb", | ||
"groups": "utils", | ||
"install_time": " ", | ||
"location": " ", | ||
"multiarch": "foreign", | ||
"name": "openssl", | ||
"priority": "important", | ||
"size": 2053, | ||
"vendor": "Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>", | ||
"version": "3.0.2-0ubuntu1.15" | ||
}, | ||
"operation": "INSERTED" | ||
} |
21 changes: 21 additions & 0 deletions
21
src/wazuh_modules/vulnerability_scanner/qa/test_data/016/input_003.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
{ | ||
"agent_info": { | ||
"agent_id": "001" | ||
}, | ||
"data_type": "dbsync_packages", | ||
"data": { | ||
"architecture": "amd64", | ||
"description": "Secure Sockets Layer toolkit - cryptographic utility", | ||
"format": "deb", | ||
"groups": "utils", | ||
"install_time": " ", | ||
"location": " ", | ||
"multiarch": "foreign", | ||
"name": "openssl", | ||
"priority": "important", | ||
"size": 2053, | ||
"vendor": "openssl", | ||
"version": "1.0.1" | ||
}, | ||
"operation": "INSERTED" | ||
} |
21 changes: 21 additions & 0 deletions
21
src/wazuh_modules/vulnerability_scanner/qa/test_data/016/input_004.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
{ | ||
"agent_info": { | ||
"agent_id": "001" | ||
}, | ||
"data_type": "dbsync_packages", | ||
"data": { | ||
"architecture": "amd64", | ||
"description": "Secure Sockets Layer toolkit - cryptographic utility", | ||
"format": "deb", | ||
"groups": "utils", | ||
"install_time": " ", | ||
"location": " ", | ||
"multiarch": "foreign", | ||
"name": "openssl", | ||
"priority": "important", | ||
"size": 2053, | ||
"vendor": "openssl", | ||
"version": "1.0.1g" | ||
}, | ||
"operation": "INSERTED" | ||
} |
34 changes: 34 additions & 0 deletions
34
src/wazuh_modules/vulnerability_scanner/qa/test_data/017/Readme.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,34 @@ | ||
# Description | ||
|
||
Vulnerability detection validation for **_XZ_** package. | ||
|
||
## CVE | ||
|
||
- CVE-2024-3094 | ||
|
||
# Platforms | ||
|
||
## Ubuntu Jammy | ||
|
||
- Input events | ||
- ![001](input_001.json) | ||
- ![002](input_002.json) | ||
- ![003](input_003.json) | ||
|
||
| Name | Version | Feed | Expected | | ||
|------------|---------------|-----------|----------------| | ||
| xz-utils | 5.2.5-2ubuntu1| Canonical | Not vulnerable | | ||
| xz-utils | 5.6.0 | NVD | Vulnerable | | ||
|
||
|
||
## Arch Linux | ||
|
||
- Input files | ||
- [004](input_004.json) | ||
- [005](input_005.json) | ||
- [006](input_006.json) | ||
|
||
| Name | Version | Feed | Expected | | ||
|------------|---------|------|----------------| | ||
| xz | 5.4.6-1 | Arch | Not vulnerable | | ||
| xz | 5.6.0-1 | Arch | Vulnerable | |
1 change: 1 addition & 0 deletions
1
src/wazuh_modules/vulnerability_scanner/qa/test_data/017/expected_001.out
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
[] |
3 changes: 3 additions & 0 deletions
3
src/wazuh_modules/vulnerability_scanner/qa/test_data/017/expected_002.out
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
[ | ||
"No match due to default status for Package: xz-utils, Version: 5.2.5-2ubuntu1 while scanning for Vulnerability: CVE-2024-3094" | ||
] |
3 changes: 3 additions & 0 deletions
3
src/wazuh_modules/vulnerability_scanner/qa/test_data/017/expected_003.out
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
[ | ||
"Match found, the package 'xz', is vulnerable to 'CVE-2024-3094'. Current version: '5.6.0' is equal to '5.6.0'. - Agent '' (ID: '001', Version: '')." | ||
] |
1 change: 1 addition & 0 deletions
1
src/wazuh_modules/vulnerability_scanner/qa/test_data/017/expected_004.out
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
[] |
3 changes: 3 additions & 0 deletions
3
src/wazuh_modules/vulnerability_scanner/qa/test_data/017/expected_005.out
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
[ | ||
"No match due to default status for Package: xz, Version: 5.4.6-1 while scanning for Vulnerability: CVE-2024-3094" | ||
] |
3 changes: 3 additions & 0 deletions
3
src/wazuh_modules/vulnerability_scanner/qa/test_data/017/expected_006.out
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
[ | ||
"Match found, the package 'xz', is vulnerable to 'CVE-2024-3094'. Current version: '5.6.0-1' (less than '5.6.1-2' or equal to ''). - Agent '' (ID: '001', Version: '')." | ||
] |
23 changes: 23 additions & 0 deletions
23
src/wazuh_modules/vulnerability_scanner/qa/test_data/017/input_001.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,23 @@ | ||
{ | ||
"agent_info": { | ||
"agent_id": "001" | ||
}, | ||
"data_type": "state", | ||
"data": { | ||
"attributes_type": "syscollector_osinfo", | ||
"attributes": { | ||
"architecture": "x86_64", | ||
"hostname": "jammy", | ||
"os_codename": "jammy", | ||
"os_major": "22", | ||
"os_minor": "04", | ||
"os_name": "Ubuntu", | ||
"os_patch": "1", | ||
"os_platform": "ubuntu", | ||
"os_version": "22.04.1 LTS (Jammy Jellyfish)", | ||
"release": "5.15.0-107-generic", | ||
"sysname": "Linux", | ||
"version": "#117-Ubuntu SMP Fri Apr 26 12:26:49 UTC 2024" | ||
} | ||
} | ||
} |
22 changes: 22 additions & 0 deletions
22
src/wazuh_modules/vulnerability_scanner/qa/test_data/017/input_002.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
{ | ||
"agent_info": { | ||
"agent_id": "001" | ||
}, | ||
"data_type": "dbsync_packages", | ||
"data": { | ||
"architecture": "amd64", | ||
"description": "XZ-format compression utilities", | ||
"format": "deb", | ||
"groups": "utils", | ||
"install_time": " ", | ||
"location": " ", | ||
"multiarch": "foreign", | ||
"name": "xz-utils", | ||
"priority": "standard", | ||
"size": 372, | ||
"source": " ", | ||
"vendor": "Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>", | ||
"version": "5.2.5-2ubuntu1" | ||
}, | ||
"operation": "INSERTED" | ||
} |
22 changes: 22 additions & 0 deletions
22
src/wazuh_modules/vulnerability_scanner/qa/test_data/017/input_003.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
{ | ||
"agent_info": { | ||
"agent_id": "001" | ||
}, | ||
"data_type": "dbsync_packages", | ||
"data": { | ||
"architecture": "amd64", | ||
"description": "XZ-format compression utilities", | ||
"format": "deb", | ||
"groups": "utils", | ||
"install_time": " ", | ||
"location": " ", | ||
"multiarch": "foreign", | ||
"name": "xz", | ||
"priority": "standard", | ||
"size": 372, | ||
"source": " ", | ||
"vendor": "tukaani", | ||
"version": "5.6.0" | ||
}, | ||
"operation": "INSERTED" | ||
} |
19 changes: 19 additions & 0 deletions
19
src/wazuh_modules/vulnerability_scanner/qa/test_data/017/input_004.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
{ | ||
"agent_info": { | ||
"agent_id": "001" | ||
}, | ||
"data_type": "state", | ||
"data": { | ||
"attributes_type": "syscollector_osinfo", | ||
"attributes": { | ||
"architecture": "x86_64", | ||
"hostname": "archlinux", | ||
"os_build": "rolling", | ||
"os_name": "Arch Linux", | ||
"os_platform": "arch", | ||
"release": "6.8.9-arch1-2", | ||
"sysname": "Linux", | ||
"version": "#1 SMP PREEMPT_DYNAMIC Tue, 07 May 2024 21:35:54 +0000" | ||
} | ||
} | ||
} |
21 changes: 21 additions & 0 deletions
21
src/wazuh_modules/vulnerability_scanner/qa/test_data/017/input_005.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
{ | ||
"agent_info": { | ||
"agent_id": "001" | ||
}, | ||
"data_type": "dbsync_packages", | ||
"data": { | ||
"architecture": "x86_64", | ||
"description": "Library and command line tools for XZ and LZMA compressed files", | ||
"format": "pacman", | ||
"groups": " ", | ||
"install_time": "2024/05/22 20:31:52", | ||
"location": " ", | ||
"name": "xz", | ||
"priority": " ", | ||
"size": 2457747, | ||
"source": " ", | ||
"vendor": "Arch Linux", | ||
"version": "5.4.6-1" | ||
}, | ||
"operation": "INSERTED" | ||
} |
21 changes: 21 additions & 0 deletions
21
src/wazuh_modules/vulnerability_scanner/qa/test_data/017/input_006.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
{ | ||
"agent_info": { | ||
"agent_id": "001" | ||
}, | ||
"data_type": "dbsync_packages", | ||
"data": { | ||
"architecture": "x86_64", | ||
"description": "Library and command line tools for XZ and LZMA compressed files", | ||
"format": "pacman", | ||
"groups": " ", | ||
"install_time": "2024/05/22 20:31:52", | ||
"location": " ", | ||
"name": "xz", | ||
"priority": " ", | ||
"size": 2457747, | ||
"source": " ", | ||
"vendor": "Arch Linux", | ||
"version": "5.6.0-1" | ||
}, | ||
"operation": "INSERTED" | ||
} |