annotate farolluz/parsers/cve.py @ 43:b87f2a6e613a
Add CVE parsing (from OpenVAS GSA)
author | Benoît Allard <benoit.allard@greenbone.net> |
---|---|
date | Mon, 29 Dec 2014 16:33:34 +0100 |
parents | |
children | b7e64d0a3a7c |
1 # -*- coding: utf-8 -*- |
2 # Description: |
3 # Methods for parsing CVE XML documents |
4 # |
5 # Authors: |
6 # Benoît Allard <benoit.allard@greenbone.net> |
7 # |
8 # Copyright: |
9 # Copyright (C) 2014 Greenbone Networks GmbH |
10 # |
11 # This program is free software; you can redistribute it and/or |
12 # modify it under the terms of the GNU General Public License |
13 # as published by the Free Software Foundation; either version 2 |
14 # of the License, or (at your option) any later version. |
15 # |
16 # This program is distributed in the hope that it will be useful, |
17 # but WITHOUT ANY WARRANTY; without even the implied warranty of |
18 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
19 # GNU General Public License for more details. |
20 # |
21 # You should have received a copy of the GNU General Public License |
22 # along with this program; if not, write to the Free Software |
23 # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
25 """\ |
26 Methods for parsing of CVE XML Documents |
27 |
28 Ref: http://scap.nist.gov/schema/vulnerability/0.4 |
29 """ |
31 from __future__ import absolute_import |
33 import xml.etree.ElementTree as ET |
35 from .xml import parseDate |
37 from ..common import CVRFNote, CVRFReference |
38 from ..document import CVRF, CVRFPublisher, CVRFTracking, CVRFTrackingID, CVRFRevision |
39 from ..producttree import CVRFFullProductName |
40 from ..utils import utcnow |
41 from ..vulnerability import CVRFVulnerability, CVRFCVSSSet, CVRFCWE, CVRFProductStatus |
# Prefix -> namespace URI for the XML vocabularies this parser reads.
# UN() looks prefixes up here to build ElementTree qualified names.
NAMESPACES = dict(
    cve="http://scap.nist.gov/schema/feed/vulnerability/2.0",
    vuln="http://scap.nist.gov/schema/vulnerability/0.4",
    cvss="http://scap.nist.gov/schema/cvss-v2/0.2",
    xml="http://www.w3.org/XML/1998/namespace",
)
def UN(ns, name):
    """Return the ElementTree universal name ``{namespace-uri}name``.

    ``ns`` is a prefix key of NAMESPACES; a prefix that is not listed
    there raises KeyError.
    """
    uri = NAMESPACES[ns]
    return "{%s}%s" % (uri, name)
def parseCVSS(xmlElem):
    """Build a CVRFCVSSSet from an element holding ``cvss:base_metrics``.

    The score and the six base metrics are read from the
    ``cvss:base_metrics`` child and folded into a vector string of the
    form ``AV:x/AC:x/Au:x/C:x/I:x/A:x``.

    Every metric value goes through a fixed lookup table, so only the
    listed keywords can reach the vector: a missing or unlisted value
    raises KeyError. A missing score reaches float() as None and raises
    TypeError; a non-numeric score raises ValueError.
    """
    impact_codes = {'NONE': 'N', 'PARTIAL': 'P', 'COMPLETE': 'C'}
    # (vector label, XML tag, keyword -> one-letter code), in vector order
    metrics = (
        ('AV', 'access-vector',
         {'LOCAL': 'L', 'ADJACENT_NETWORK': 'A', 'NETWORK': 'N'}),
        ('AC', 'access-complexity',
         {'HIGH': 'H', 'MEDIUM': 'M', 'LOW': 'L'}),
        ('Au', 'authentication',
         {'MULTIPLE': 'M', 'SINGLE': 'S', 'NONE': 'N'}),
        ('C', 'confidentiality-impact', impact_codes),
        ('I', 'integrity-impact', impact_codes),
        ('A', 'availability-impact', impact_codes),
    )

    def get(name):
        path = '/'.join([UN('cvss', 'base_metrics'), UN('cvss', name)])
        return xmlElem.findtext(path)

    cvss_set = CVRFCVSSSet(float(get('score')))
    parts = []
    for label, tag, codes in metrics:
        parts.append('%s:%s' % (label, codes[get(tag)]))
    cvss_set.setVector('/'.join(parts))
    return cvss_set
def parseXML(data):
    """Return an ET.Element for ``data``.

    ``data`` can be:
    - an ET.Element instance, which is returned unchanged
    - a file handle (anything with a ``read`` attribute), which is read
      in full before parsing
    - a string holding the XML document

    NOTE(security): xml.etree.ElementTree is not hardened against
    maliciously constructed documents (the standard-library docs warn
    about entity-expansion denial of service), and the whole input is
    held in memory with no size limit applied here. If ``data`` can come
    from an untrusted source, bound its size before calling and consider
    a hardened parser such as defusedxml.
    """
    if isinstance(data, ET.Element):
        return data
    # File handles are drained first; everything else is parsed as-is.
    raw = data.read() if hasattr(data, 'read') else data
    return ET.fromstring(raw)
def parse_CVE_from_GSA(data):
    """Parse the CVE entry embedded in a GSA ``get_info`` response.

    ``data`` is anything parseXML() accepts. The ``cve:entry`` element is
    looked up under ``get_info/get_info_response/info/cve/raw_data`` and
    handed to parse().

    When the response does not contain that path, find() returns None
    and that None is what parse() receives; no explicit check is made
    here.
    """
    root = parseXML(data)
    entry_path = '/'.join([
        'get_info', 'get_info_response', 'info', 'cve', 'raw_data',
        UN('cve', 'entry'),
    ])
    return parse(root.find(entry_path))
def parse(xml):
    """Wrap one CVE entry in a freshly created, minimal CVRF document.

    ``xml`` is anything parseXML() accepts. The document is constructed
    from the entry's ``vuln:cve-id`` text and the literal
    'Vulnerability Description', given the publisher "Other" and fixed
    placeholder tracking values (ID '000000', "Draft", version (0,),
    both dates set to the current UTC time). The entry itself is then
    added through addToDoc(), whose result is returned.
    """
    entry = parseXML(xml)

    # Create an extra-minimal document
    cve_id = entry.findtext(UN('vuln', 'cve-id'))
    doc = CVRF(cve_id, 'Vulnerability Description')
    doc.setPublisher(CVRFPublisher("Other"))

    created = utcnow()
    tracking = CVRFTracking(
        CVRFTrackingID('000000'),
        "Draft",
        (0,),
        created, created
    )
    doc.setTracking(tracking)
    first_revision = CVRFRevision((0,), created, 'Document created')
    tracking.addRevision(first_revision)

    # Add the CVE to that document
    return addToDoc(doc, entry)
def addToDoc(doc, xml):
    """Add the CVE entry ``xml`` to ``doc`` as a new vulnerability.

    ``xml`` is anything parseXML() accepts; ``doc`` is modified in place
    and returned. The entry contributes its vulnerable products (created
    in the product tree when no product exists for the CPE), CVE id,
    release date, and, when present, CVSS set, CWE, references and
    summary note.

    Raises KeyError when the entry has no ``id`` attribute, and
    AttributeError when a ``vuln:references`` element has no
    ``vuln:reference`` child.

    NOTE(review): CPE strings, reference hrefs, reference text and the
    summary are copied from the XML as-is; no validation or escaping is
    visible in this function, so whatever renders or exports the
    document has to treat them as untrusted text.
    """
    entry = parseXML(xml)

    vulnid = entry.attrib['id']

    # The new vulnerability gets the ordinal following the last one
    # already in the document (reads the document's private list).
    ordinal = (1 if len(doc._vulnerabilities) == 0
               else doc._vulnerabilities[-1]._ordinal + 1)

    # Create a Vulnerability
    vuln = CVRFVulnerability(ordinal)
    doc.addVulnerability(vuln)

    # Set the vulnerable products in productTree
    product_path = '/'.join([UN('vuln', 'vulnerable-software-list'),
                             UN('vuln', 'product')])
    affected = []
    for idx, cpe in enumerate(entry.findall(product_path)):
        if doc._producttree is None:
            doc.createProductTree()
        try:
            prod = doc._producttree.getProductForCPE(cpe.text)
        except KeyError:
            # No product for this CPE yet: register one whose id is
            # derived from the entry id and the CPE's position.
            product_id = '%s-P%d' % (vulnid, idx)
            prod = CVRFFullProductName(product_id, cpe.text,
                                       doc._producttree, cpe.text)
            doc._producttree.addProduct(prod)
        affected.append(prod)

    if affected:
        status = CVRFProductStatus('Known Affected')
        for product in affected:
            status.addProductID(product._productid)
        vuln.addProductStatus(status)

    # Add the CVE-id
    cve_id = entry.findtext(UN('vuln', 'cve-id'))
    vuln.setCVE(cve_id)

    # The release date
    published = entry.findtext(UN('vuln', 'published-datetime'))
    vuln.setReleaseDate(parseDate(published))

    # Add the CVSS
    xmlcvss = entry.find(UN('vuln', 'cvss'))
    if xmlcvss is not None:
        vuln.addCVSSSet(parseCVSS(xmlcvss))

    # Add the CWE id
    xmlcwe = entry.find(UN('vuln', 'cwe'))
    if xmlcwe is not None:
        # XXX: Get a Description for the CWE !
        # Until then the id is passed for both arguments.
        vuln.addCWE(CVRFCWE(xmlcwe.attrib['id'], xmlcwe.attrib['id']))

    # Add references: only the first vuln:reference of each
    # vuln:references element is used.
    for xmlref in entry.findall(UN('vuln', 'references')):
        link = xmlref.find(UN('vuln', 'reference'))
        href = link.attrib['href']
        label = xmlref.findtext(UN('vuln', 'reference'))
        vuln.addReference(CVRFReference(href, label))

    xmlsummary = entry.findtext(UN('vuln', 'summary'))
    if xmlsummary is not None:
        summary_note = CVRFNote('Summary', 1, xmlsummary)
        vuln.addNote(summary_note)

    return doc