Last active
December 30, 2015 20:08
-
-
Save xsist10/7878272 to your computer and use it in GitHub Desktop.
CVE vulnerability check concept
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "vulnerabilities": [ | |
| { | |
| "name": "CVE-2013-6712", | |
| "description": "The scan function in ext/date/lib/parse_iso_intervals.c in PHP through 5.5.6 does not properly restrict creation of DateInterval objects, which might allow remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted interval specification.", | |
| "impact": 5.0, | |
| "versions": [ | |
| { | |
| "start": "5.5.0-alpha6", | |
| "end": "5.5.6" | |
| } | |
| ] | |
| }, | |
| { | |
| "name": "CVE-2013-1824", | |
| "description": "The SOAP parser in PHP before 5.3.22 and 5.4.x before 5.4.12 allows remote attackers to read arbitrary files via a SOAP WSDL file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue in the soap_xmlParseFile and soap_xmlParseMemory functions.", | |
| "impact": 4.3, | |
| "versions": [ | |
| { | |
| "start": "5.3.0", | |
| "end": "5.3.21" | |
| }, | |
| { | |
| "start": "5.4.0", | |
| "end": "5.4.11" | |
| } | |
| ] | |
| } | |
| ] | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| namespace Psecio\Iniscan\Rule; | |
| class PhpVulnerabilities extends \Psecio\Iniscan\Rule | |
| { | |
| public function __construct($config, $section) | |
| { | |
| parent::__construct($config, $section); | |
| $this->setTest(array('key' => 'php.version')); | |
| } | |
| public function getCve() | |
| { | |
| $cves = json_decode(file_get_contents(__DIR__.'/cves.json')); | |
| if ($cves === null) { | |
| throw new \Exception('Cannot parse CVE list'); | |
| } | |
| return $cves; | |
| } | |
| public function evaluate(array $ini) | |
| { | |
| $cves = $this->getCve(); | |
| foreach ($cves->vulnerabilities as $vulnerability) | |
| { | |
| foreach ($vulnerability->versions as $range) | |
| { | |
| $range_match = true; | |
| if (property_exists($range, 'start')) | |
| { | |
| $range_match &= version_compare($this->getVersion(), $range->start, '>='); | |
| } | |
| if (property_exists($range, 'end')) | |
| { | |
| $range_match &= version_compare($this->getVersion(), $range->end, '<='); | |
| } | |
| if ($range_match) | |
| { | |
| $this->setDescription($vulnerability->name . ': ' . $vulnerability->description); | |
| $this->fail(); | |
| return false; | |
| } | |
| } | |
| } | |
| $this->setDescription("All CVE checks passed."); | |
| $this->pass(); | |
| return true; | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hmm, could be interesting....do you know of a good source for this kind of information or would it be more about keeping track as the issues are announced?