RubygemsResearch

Sha256: 3a74ee4a2f2c056be6f0cb6611a4c4f90d2c68e730d53a817e57ce192119888b

Contents?: true

Size: 1.3 KB

Versions: 23

Compression:

Stored size: 1.3 KB

require 'spec_helper'

describe "The CVE-2013-1655 vulnerability" do
  before(:all) do 
    @check = Codesake::Dawn::Kb::CVE_2013_1655.new
    # @check.debug = true
  end
  it "is detected if vulnerable version of puppet rubygem is detect when running on ruby 1.9.3 and 2.0.0" do
    @check.options[:dependencies]=[{:name=>"puppet", :version=>'2.7.20'}]
    @check.options[:detected_ruby] = {:engine=>"ruby", :version=>"1.9.3", :patchlevel=>"p342"}
    @check.vuln?.should   be_true
  end
  it "is ignored if only vulnerable version of puppet rubygem has been found" do 
    @check.options[:detected_ruby] = {:engine=>"ruby", :version=>"1.8.7", :patchlevel=>"p358"}
    @check.vuln?.should   be_false
  end

  it "is ignored if only the vulnerable ruby interpreter version has been found" do
    @check.options[:dependencies]=[{:name=>"puppet", :version=>'8.7.21'}]
    @check.options[:detected_ruby] = {:engine=>"ruby", :version=>"1.9.3", :patchlevel=>"p342"}
    # @check.dump_status
    @check.vuln?.should   be_false
  end

  it "is ignored if none of the prerequisites have been met" do
    @check.options[:dependencies]=[{:name=>"puppet", :version=>'8.7.21'}]
    @check.options[:detected_ruby] = {:engine=>"ruby", :version=>"1.8.7", :patchlevel=>"p342"}
    # @check.dump_status
    @check.vuln?.should   be_false
  end
end

Version data entries

23 entries across 23 versions & 2 rubygems

Version	Path
dawnscanner-1.2.99	spec/lib/kb/cve_2013_1655_spec.rb
codesake-dawn-1.2.99	spec/lib/kb/cve_2013_1655_spec.rb
codesake-dawn-1.2.0	spec/lib/kb/cve_2013_1655_spec.rb
codesake-dawn-1.1.3	spec/lib/kb/cve_2013_1655_spec.rb
codesake-dawn-1.1.2	spec/lib/kb/cve_2013_1655_spec.rb
codesake-dawn-1.1.1	spec/lib/kb/cve_2013_1655_spec.rb
codesake-dawn-1.1.0	spec/lib/kb/cve_2013_1655_spec.rb
codesake-dawn-1.1.0.rc2	spec/lib/kb/cve_2013_1655_spec.rb
codesake-dawn-1.1.0.rc1	spec/lib/kb/cve_2013_1655_spec.rb
codesake-dawn-1.0.6	spec/lib/kb/codesake_cve_2013_1655_spec.rb
codesake-dawn-1.0.5	spec/lib/kb/codesake_cve_2013_1655_spec.rb
codesake-dawn-1.0.4	spec/lib/kb/codesake_cve_2013_1655_spec.rb
codesake-dawn-1.0.3	spec/lib/kb/codesake_cve_2013_1655_spec.rb
codesake-dawn-1.0.2	spec/lib/kb/codesake_cve_2013_1655_spec.rb
codesake-dawn-1.0.1	spec/lib/kb/codesake_cve_2013_1655_spec.rb
codesake-dawn-1.0.0	spec/lib/kb/codesake_cve_2013_1655_spec.rb
codesake-dawn-1.0.0.rc2	spec/lib/kb/codesake_cve_2013_1655_spec.rb
codesake-dawn-1.0.0.rc1	spec/lib/kb/codesake_cve_2013_1655_spec.rb
codesake-dawn-0.85	spec/lib/kb/codesake_cve_2013_1655_spec.rb
codesake-dawn-0.80.0	spec/lib/kb/codesake_cve_2013_1655_spec.rb