search

hammackj / risu

Risu is Nessus parser, that converts the generated reports into a ActiveRecord database, this allows for easy report generation and vulnerability verification.
http://hammackj.github.io/risu
MIT License
63 stars 20 forks source link

New XML element detected #80

Closed mboman closed 9 years ago

mboman commented 9 years ago

New XML element detected: cm:compliance-reference. Please report this at http://github.com/arxopia/risu/issues/new or via email to risu@arxopia.com New XML element detected: cm:compliance-see-also. Please report this at http://github.com/arxopia/risu/issues/new or via email to risu@arxopia.com New XML element detected: cm:compliance-solution. Please report this at http://github.com/arxopia/risu/issues/new or via email to risu@arxopia.com

$ risu --version risu: 1.7.3 Ruby Version: 1.9.3 Rubygems Version: 2.4.3

hammackj commented 9 years ago

Thanks I will get these added.

-Jacob

Jacob Hammack Jacob.Hammack@Hammackj.com (210) 355-0036 http://www.hammackj.com

On Jan 19, 2015, at 7:08 AM, Michael Boman notifications@github.com wrote:

New XML element detected: cm:compliance-reference. Please report this at http://github.com/arxopia/risu/issues/new or via email to risu@arxopia.com New XML element detected: cm:compliance-see-also. Please report this at http://github.com/arxopia/risu/issues/new or via email to risu@arxopia.com New XML element detected: cm:compliance-solution. Please report this at http://github.com/arxopia/risu/issues/new or via email to risu@arxopia.com

mboman commented 9 years ago

Got the following error when using mysql2 backend (hostnames has been replaced by X, but lenght is unmodified):

[!] Mysql2::Error: Data too long for column 'cm_compliance_info' at row 1: UPDATE items SET plugin_name = 'VMware vCenter/vSphere Compliance Checks', cm_compliance_info = 'By ensuring that all systems use the same relative time source (including the relevant localization offset), and that the relative time source can be correlated to an agreed-upon time standard (such as Coordinated Universal Time...UTC), you can make it simpler to track and correlate an intruder...s actions when reviewing the relevant log files. Incorrect time settings can make it difficult to inspect and correlate log files to detect attacks, and can make auditing inaccurate. In addition incorrect time settings can introduce login issues with SSO as all SSO component rely on coordinated time.\nNOTE: Update NTP_SERVER to the appropriate value for the local environment.\n', cm_compliance_actual_value = '\n\nXXXXXXXXXXXXXXXX - NTP Server : XXXXXXXXXXXX\nXXXXXXXXXXXXXXXX - NTP Server : XXXXXXXXXXXX\nXXXXXXXXXXXXXXXX - NTP Server : XXXXXXXXXXXX\nXXXXXXXXXXXXXXXX - NTP Server : XXXXXXXXXXXX\nXXXXXXXXXXXXXXXX - NTP Server : XXXXXXXXXXXX\nXXXXXXXXXXXXXXXX - NTP Server : XXXXXXXXXXXX\nXXXXXXXXXXXXXXXX - NTP Server : XXXXXXXXXXXX\nXXXXXXXXXXXXXXXX - NTP Server : XXXXXXXXXXXX\n\n', cm_compliance_check_id = '1f2c54b9675f65282985bcb41f08ebeb', cm_compliance_policy_value = '\nregex: NTP Server : \nexpect: NTP Server : XXXXXXXXXXXX$\n', cm_compliance_audit_file = 'VMware_vSphere_5.x_Hardening_Guide.audit', cm_compliance_check_name = 'vCenter : config-ntp', cm_compliance_result = 'PASSED' WHERE items.id = 11 /home/micbom/.rvm/gems/ruby-1.9.3-p551/gems/activerecord-4.0.0/lib/active_record/connection_adapters/abstract_mysql_adapter.rb:286:in query' /home/micbom/.rvm/gems/ruby-1.9.3-p551/gems/activerecord-4.0.0/lib/active_record/connection_adapters/abstract_mysql_adapter.rb:286:inblock in execute' /home/micbom/.rvm/gems/ruby-1.9.3-p551/gems/activerecord-4.0.0/lib/active_record/connection_adapters/abstract_adapter.rb:425:in block in log' /home/micbom/.rvm/gems/ruby-1.9.3-p551/gems/activesupport-4.0.0/lib/active_support/notifications/instrumenter.rb:20:ininstrument' /home/micbom/.rvm/gems/ruby-1.9.3-p551/gems/activerecord-4.0.0/lib/active_record/connection_adapters/abstract_adapter.rb:420:in log' /home/micbom/.rvm/gems/ruby-1.9.3-p551/gems/activerecord-4.0.0/lib/active_record/connection_adapters/abstract_mysql_adapter.rb:286:inexecute' /home/micbom/.rvm/gems/ruby-1.9.3-p551/gems/activerecord-4.0.0/lib/active_record/connection_adapters/mysql2_adapter.rb:220:in execute' /home/micbom/.rvm/gems/ruby-1.9.3-p551/gems/activerecord-4.0.0/lib/active_record/connection_adapters/mysql2_adapter.rb:247:inexec_delete' /home/micbom/.rvm/gems/ruby-1.9.3-p551/gems/activerecord-4.0.0/lib/active_record/connection_adapters/abstract/database_statements.rb:102:in update' /home/micbom/.rvm/gems/ruby-1.9.3-p551/gems/activerecord-4.0.0/lib/active_record/connection_adapters/abstract/query_cache.rb:14:inupdate' /home/micbom/.rvm/gems/ruby-1.9.3-p551/gems/activerecord-4.0.0/lib/active_record/persistence.rb:489:in update_record' /home/micbom/.rvm/gems/ruby-1.9.3-p551/gems/activerecord-4.0.0/lib/active_record/locking/optimistic.rb:70:inupdate_record' /home/micbom/.rvm/gems/ruby-1.9.3-p551/gems/activerecord-4.0.0/lib/active_record/attribute_methods/dirty.rb:74:in update_record' /home/micbom/.rvm/gems/ruby-1.9.3-p551/gems/activerecord-4.0.0/lib/active_record/callbacks.rb:307:inblock in update_record' /home/micbom/.rvm/gems/ruby-1.9.3-p551/gems/activesupport-4.0.0/lib/active_support/callbacks.rb:373:in _run__195586141842112430__update__callbacks' /home/micbom/.rvm/gems/ruby-1.9.3-p551/gems/activesupport-4.0.0/lib/active_support/callbacks.rb:80:inrun_callbacks' /home/micbom/.rvm/gems/ruby-1.9.3-p551/gems/activerecord-4.0.0/lib/active_record/callbacks.rb:307:in update_record' /home/micbom/.rvm/gems/ruby-1.9.3-p551/gems/activerecord-4.0.0/lib/active_record/timestamp.rb:70:inupdate_record' /home/micbom/.rvm/gems/ruby-1.9.3-p551/gems/activerecord-4.0.0/lib/active_record/persistence.rb:466:in create_or_update' /home/micbom/.rvm/gems/ruby-1.9.3-p551/gems/activerecord-4.0.0/lib/active_record/callbacks.rb:299:inblock in create_or_update' /home/micbom/.rvm/gems/ruby-1.9.3-p551/gems/activesupport-4.0.0/lib/active_support/callbacks.rb:403:in _run__195586141842112430__save__callbacks' /home/micbom/.rvm/gems/ruby-1.9.3-p551/gems/activesupport-4.0.0/lib/active_support/callbacks.rb:80:inrun_callbacks' /home/micbom/.rvm/gems/ruby-1.9.3-p551/gems/activerecord-4.0.0/lib/active_record/callbacks.rb:299:in create_or_update' /home/micbom/.rvm/gems/ruby-1.9.3-p551/gems/activerecord-4.0.0/lib/active_record/persistence.rb:106:insave' /home/micbom/.rvm/gems/ruby-1.9.3-p551/gems/activerecord-4.0.0/lib/active_record/validations.rb:51:in save' /home/micbom/.rvm/gems/ruby-1.9.3-p551/gems/activerecord-4.0.0/lib/active_record/attribute_methods/dirty.rb:32:insave' /home/micbom/.rvm/gems/ruby-1.9.3-p551/gems/activerecord-4.0.0/lib/active_record/transactions.rb:270:in block (2 levels) in save' /home/micbom/.rvm/gems/ruby-1.9.3-p551/gems/activerecord-4.0.0/lib/active_record/transactions.rb:326:inblock in with_transaction_returning_status' /home/micbom/.rvm/gems/ruby-1.9.3-p551/gems/activerecord-4.0.0/lib/active_record/connection_adapters/abstract/database_statements.rb:200:in transaction' /home/micbom/.rvm/gems/ruby-1.9.3-p551/gems/activerecord-4.0.0/lib/active_record/transactions.rb:209:intransaction' /home/micbom/.rvm/gems/ruby-1.9.3-p551/gems/activerecord-4.0.0/lib/active_record/transactions.rb:323:in with_transaction_returning_status' /home/micbom/.rvm/gems/ruby-1.9.3-p551/gems/activerecord-4.0.0/lib/active_record/transactions.rb:270:inblock in save' /home/micbom/.rvm/gems/ruby-1.9.3-p551/gems/activerecord-4.0.0/lib/active_record/transactions.rb:281:in rollback_active_record_state!' /home/micbom/.rvm/gems/ruby-1.9.3-p551/gems/activerecord-4.0.0/lib/active_record/transactions.rb:269:insave' /home/micbom/.rvm/gems/ruby-1.9.3-p551/gems/activerecord-4.0.0/lib/active_record/persistence.rb:230:in block in update' /home/micbom/.rvm/gems/ruby-1.9.3-p551/gems/activerecord-4.0.0/lib/active_record/transactions.rb:326:inblock in with_transaction_returning_status' /home/micbom/.rvm/gems/ruby-1.9.3-p551/gems/activerecord-4.0.0/lib/active_record/connection_adapters/abstract/database_statements.rb:202:in block in transaction' /home/micbom/.rvm/gems/ruby-1.9.3-p551/gems/activerecord-4.0.0/lib/active_record/connection_adapters/abstract/database_statements.rb:210:inwithin_new_transaction' /home/micbom/.rvm/gems/ruby-1.9.3-p551/gems/activerecord-4.0.0/lib/active_record/connection_adapters/abstract/database_statements.rb:202:in transaction' /home/micbom/.rvm/gems/ruby-1.9.3-p551/gems/activerecord-4.0.0/lib/active_record/transactions.rb:209:intransaction' /home/micbom/.rvm/gems/ruby-1.9.3-p551/gems/activerecord-4.0.0/lib/active_record/transactions.rb:323:in with_transaction_returning_status' /home/micbom/.rvm/gems/ruby-1.9.3-p551/gems/activerecord-4.0.0/lib/active_record/persistence.rb:228:inupdate' /home/micbom/.rvm/gems/ruby-1.9.3-p551/gems/risu-1.7.3/lib/risu/parsers/nessus/nessus_sax_listener.rb:366:in end_report_item' /home/micbom/.rvm/gems/ruby-1.9.3-p551/gems/risu-1.7.3/lib/risu/parsers/nessus/nessus_sax_listener.rb:199:inon_end_element' /home/micbom/.rvm/gems/ruby-1.9.3-p551/gems/risu-1.7.3/lib/risu/parsers/nessus/nessus_document.rb:72:in parse' /home/micbom/.rvm/gems/ruby-1.9.3-p551/gems/risu-1.7.3/lib/risu/parsers/nessus/nessus_document.rb:72:inparse' /home/micbom/.rvm/gems/ruby-1.9.3-p551/gems/risu-1.7.3/lib/risu/cli/application.rb:465:in parse_file' /home/micbom/.rvm/gems/ruby-1.9.3-p551/gems/risu-1.7.3/lib/risu/cli/application.rb:416:inblock in run' /home/micbom/.rvm/gems/ruby-1.9.3-p551/gems/risu-1.7.3/lib/risu/cli/application.rb:414:in each' /home/micbom/.rvm/gems/ruby-1.9.3-p551/gems/risu-1.7.3/lib/risu/cli/application.rb:414:inrun' /home/micbom/.rvm/gems/ruby-1.9.3-p551/gems/risu-1.7.3/bin/risu:37:in <top (required)>' /home/micbom/.rvm/gems/ruby-1.9.3-p551/bin/risu:23:inload' /home/micbom/.rvm/gems/ruby-1.9.3-p551/bin/risu:23:in <main>' /home/micbom/.rvm/gems/ruby-1.9.3-p551/bin/ruby_executable_hooks:15:ineval' /home/micbom/.rvm/gems/ruby-1.9.3-p551/bin/ruby_executable_hooks:15:in `

'

hammackj commented 9 years ago

I will get this fixed and push as soon as I can. Thanks

hammackj commented 9 years ago

Almost have this complete, just adding unit tests now. Sorry for the delay.