Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support Cisco #67

Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open

Support Cisco #67

wants to merge 3 commits into from

Conversation

shigechika
Copy link
Contributor

@shigechika shigechika commented Jun 8, 2019
edited
Loading

I quick hacked for support cisco.
I did not enough test yet.
I checked some tables created.

% ./goval-dictionary fetch-cisco asa ios ios_xe pix
INFO[06-08|22:03:50] Fetching...                              URL=https://oval.cisecurity.org/repository/download/5.11.2/vulnerability/cisco_asa.xml
INFO[06-08|22:03:50] Fetching...                              URL=https://oval.cisecurity.org/repository/download/5.11.2/vulnerability/cisco_ios.xml
INFO[06-08|22:03:50] Fetching...                              URL=https://oval.cisecurity.org/repository/download/5.11.2/vulnerability/cisco_ios_xe.xml
INFO[06-08|22:03:50] Fetching...                              URL=https://oval.cisecurity.org/repository/download/5.11.2/vulnerability/cisco_pix.xml
INFO[06-08|22:03:54] Fetched...                               URL=https://oval.cisecurity.org/repository/download/5.11.2/vulnerability/cisco_pix.xml
INFO[06-08|22:03:54] Fetched...                               URL=https://oval.cisecurity.org/repository/download/5.11.2/vulnerability/cisco_ios_xe.xml
INFO[06-08|22:03:54] Fetched...                               URL=https://oval.cisecurity.org/repository/download/5.11.2/vulnerability/cisco_asa.xml
INFO[06-08|22:03:54] Fetched...                               URL=https://oval.cisecurity.org/repository/download/5.11.2/vulnerability/cisco_ios.xml
INFO[06-08|22:03:54] Finished fetching OVAL definitions 
INFO[06-08|22:03:54] Fetched                                  URL=https://oval.cisecurity.org/repository/download/5.11.2/vulnerability/cisco_pix.xml OVAL definitions=3
INFO[06-08|22:03:54] Refreshing...                            Family=cisco Version=pix
INFO[06-08|22:03:54] Fetched                                  URL=https://oval.cisecurity.org/repository/download/5.11.2/vulnerability/cisco_ios_xe.xml OVAL definitions=189
INFO[06-08|22:03:54] Refreshing...                            Family=cisco Version=ios_xe
INFO[06-08|22:03:54] Fetched                                  URL=https://oval.cisecurity.org/repository/download/5.11.2/vulnerability/cisco_asa.xml OVAL definitions=14
INFO[06-08|22:03:54] Refreshing...                            Family=cisco Version=asa
INFO[06-08|22:03:55] Fetched                                  URL=https://oval.cisecurity.org/repository/download/5.11.2/vulnerability/cisco_ios.xml OVAL definitions=457
INFO[06-08|22:03:55] Refreshing...                            Family=cisco Version=ios

% sqlite3 oval.sqlite3
sqlite> select * from roots ;
1|cisco|pix|2019-06-08 22:03:54.757755+09:00
2|cisco|ios_xe|2019-06-08 22:03:54.800865+09:00
3|cisco|asa|2019-06-08 22:03:54.829995+09:00
4|cisco|ios|2019-06-08 22:03:55.00476+09:00
sqlite> select count(*) from definitions ;
663
sqlite> select * from definitions limit 1;
id|root_id|definition_id|title|description
1|1|oval:org.mitre.oval:def:5983|Cisco PIX and ASA Windows NT Domain Authentication Bypass Vulnerability|Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)3, 7.1 before 7.1(2)78, 7.2 before 7.2(4)16, 8.0 before 8.0(4)6, and 8.1 before 8.1(1)13, when configured as a VPN using Microsoft Windows NT Domain authentication, allows remote attackers to bypass VPN authentication via unknown vectors.
sqlite> select * from definitions order by id desc limit 1;
id|root_id|definition_id|title|description
663|4|oval:org.mitre.oval:def:5461|Cisco IOS 12.0 Turbo ACL Denial of Service Vulnerability|Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not support the "fragment" keyword in an outgoing ACL, which could allow fragmented packets in violation of the intended access.
sqlite> select count(*) from cves ;
count(*)
0

golangcibot
golangcibot reviewed Jun 10, 2019
View reviewed changes
db/rdb/cisco.go

// GetByCveID select definitions by CveID
func (o *Cisco) GetByCveID(osVer, cveID string, driver *gorm.DB) ([]models.Definition, error) {
osVer = majorMinor(osVer)
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ineffectual assignment to osVer (from ineffassign)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

fix it

@shigechika
Copy link
Contributor Author

I could make a cves table.

sqlite> SELECT count(*) from cves ;
663
sqlite> SELECT * from cves limit 3 ;
id|advisory_id|cve_id|cvss2|cvss3|cwe|impact|href|public
1|1|CVE-2008-3815||||||
2|2|CVE-2008-3816||||||
3|3|CVE-2008-3817||||||

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@golangcibot golangcibot golangcibot left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@shigechika @golangcibot