more reference tags, fixes issue #268

2013-08-24 11:16:39 +02:00
parent 115241f16c
commit a032b7c134
17 changed files with 3731 additions and 1418 deletions
--- a/lib/common/models/vulnerability.rb
+++ b/lib/common/models/vulnerability.rb
@@ -5,24 +5,20 @@ require 'vulnerability/output'
 class Vulnerability
  include Vulnerability::Output

-  attr_accessor :title, :references, :type, :fixed_in, :metasploit_modules, :cve
+  attr_accessor :title, :references, :type, :fixed_in

  #
  # @param [ String ] title The title of the vulnerability
  # @param [ String ] type  The type of the vulnerability
-  # @param [ Array ] references References urls
-  # @param [ Array ] metasploit_modules Metasploit modules for the vulnerability
+  # @param [ Hash ] references References
  # @param [ String ] fixed_in  Vuln fixed in Version X
-  # @param [ Array ] cve CVE numbers for the vulnerability
  #
  # @return [ Vulnerability ]
-  def initialize(title, type, references, metasploit_modules = [], fixed_in = '', cve = [])
+  def initialize(title, type, references = {}, fixed_in = '')
    @title              = title
    @type               = type
    @references         = references
-    @metasploit_modules = metasploit_modules
    @fixed_in           = fixed_in
-    @cve                = cve
  end

  # @param [ Vulnerability ] other
@@ -33,9 +29,7 @@ class Vulnerability
    title == other.title &&
        type == other.type &&
        references == other.references &&
-        fixed_in == other.fixed_in &&
-        cve == other.cve &&
-        metasploit_modules == other.metasploit_modules
+        fixed_in == other.fixed_in
  end
  # :nocov:

@@ -45,13 +39,21 @@ class Vulnerability
  #
  # @return [ Vulnerability ]
  def self.load_from_xml_node(xml_node)
+		references = {}
+		refs = xml_node.search('references')
+		if refs
+			references[:url] = refs.search('url').map(&:text)
+			references[:cve] = refs.search('cve').map(&:text)
+			references[:secunia] = refs.search('secunia').map(&:text)
+			references[:osvdb] = refs.search('osvdb').map(&:text)
+			references[:metasploit] = refs.search('metasploit').map(&:text)
+			references[:exploitdb] = refs.search('exploitdb').map(&:text)
+		end
    new(
      xml_node.search('title').text,
      xml_node.search('type').text,
-      xml_node.search('reference').map(&:text),
-      xml_node.search('metasploit').map(&:text),
+      references,
      xml_node.search('fixed_in').text,
-      xml_node.search('cve').map(&:text)
    )
  end