RubygemsResearch

Sha256: 2608d751699d0dba99065d00eaa4ca5a903c5a14ec82ad82d7fdb67e86a87a06

Contents?: true

Size: 1.31 KB

Versions: 8

Compression:

Stored size: 1.31 KB

require 'spec_helper'

describe "The CVE-2013-1655 vulnerability" do
  before(:all) do 
    @check = Dawn::Kb::CVE_2013_1655.new
    # @check.debug = true
  end
  it "is detected if vulnerable version of puppet rubygem is detect when running on ruby 1.9.3 and 2.0.0" do
    @check.options[:dependencies]=[{:name=>"puppet", :version=>'2.7.20'}]
    @check.options[:detected_ruby] = {:engine=>"ruby", :version=>"1.9.3", :patchlevel=>"p342"}
    expect(@check.vuln?).to   eq(true)
  end
  it "is ignored if only vulnerable version of puppet rubygem has been found" do 
    @check.options[:detected_ruby] = {:engine=>"ruby", :version=>"1.8.7", :patchlevel=>"p358"}
    expect(@check.vuln?).to   eq(false)
  end

  it "is ignored if only the vulnerable ruby interpreter version has been found" do
    @check.options[:dependencies]=[{:name=>"puppet", :version=>'8.7.21'}]
    @check.options[:detected_ruby] = {:engine=>"ruby", :version=>"1.9.3", :patchlevel=>"p342"}
    # @check.dump_status
    expect(@check.vuln?).to   eq(false)
  end

  it "is ignored if none of the prerequisites have been met" do
    @check.options[:dependencies]=[{:name=>"puppet", :version=>'8.7.21'}]
    @check.options[:detected_ruby] = {:engine=>"ruby", :version=>"1.8.7", :patchlevel=>"p342"}
    # @check.dump_status
    expect(@check.vuln?).to   eq(false)
  end
end

Version data entries

8 entries across 8 versions & 1 rubygems

Version	Path
dawnscanner-1.6.9	spec/lib/kb/cve_2013_1655_spec.rb
dawnscanner-1.6.8	spec/lib/kb/cve_2013_1655_spec.rb
dawnscanner-1.6.7	spec/lib/kb/cve_2013_1655_spec.rb
dawnscanner-1.6.6	spec/lib/kb/cve_2013_1655_spec.rb
dawnscanner-1.6.5	spec/lib/kb/cve_2013_1655_spec.rb
dawnscanner-1.6.4	spec/lib/kb/cve_2013_1655_spec.rb
dawnscanner-1.6.3	spec/lib/kb/cve_2013_1655_spec.rb
dawnscanner-1.6.2	spec/lib/kb/cve_2013_1655_spec.rb