Closed Deblintrake09 closed 6 months ago
System | E2E-VD-3 | E2E-VD-4 | E2E-VD-5 | E2E-VD-6 | E2E-VD-7 | E2E-VD-9 | E2E-VD-10 | E2E-VD-11 |
---|---|---|---|---|---|---|---|---|
Ubuntu 22 | ||||||||
Centos 7 | ||||||||
macOS |
Research building vim locally for Ubuntu using version 8.1.2135 for CVE-2020-20703, gets invalid version installed
Download package source from repository, installs version 8.1.3741
v8.1.2134 from sources. Installed version is not detected
```
root@ubuntu-focal:/home/vagrant/vim-8.1.2134/src# vim --version
VIM - Vi IMproved 8.1 (2018 May 18, compiled Oct 12 2023 21:42:02)
Included patches: 1-2134
Compiled by vagrant@ubuntu-focal
Huge version without GUI. Features included (+) or not (-):
+acl -farsi -mouse_sysmouse -tag_any_white
+arabic +file_in_path +mouse_urxvt -tcl
+autocmd +find_in_path +mouse_xterm +termguicolors
+autochdir +float +multi_byte +terminal
-autoservername +folding +multi_lang +terminfo
-balloon_eval -footer -mzscheme +termresponse
+balloon_eval_term +fork() +netbeans_intg +textobjects
-browse -gettext +num64 +textprop
++builtin_terms -hangul_input +packages +timers
+byte_offset +iconv +path_extra +title
+channel +insert_expand -perl -toolbar
+cindent +job +persistent_undo +user_commands
-clientserver +jumplist +postscript +vartabs
-clipboard +keymap +printer +vertsplit
+cmdline_compl +lambda +profile +virtualedit
+cmdline_hist +langmap -python +visual
+cmdline_info +libcall -python3 +visualextra
+comments +linebreak +quickfix +viminfo
+conceal +lispindent +reltime +vreplace
+cryptv +listcmds +rightleft +wildignore
+cscope +localmap -ruby +wildmenu
+cursorbind -lua +scrollbind +windows
+cursorshape +menu +signs +writebackup
+dialog_con +mksession +smartindent -X11
+diff +modify_fname -sound -xfontset
+digraphs +mouse +spell -xim
-dnd -mouseshape +startuptime -xpm
-ebcdic +mouse_dec +statusline -xsmp
+emacs_tags -mouse_gpm -sun_workshop -xterm_clipboard
+eval -mouse_jsbterm +syntax -xterm_save
+ex_extra +mouse_netterm +tag_binary
+extra_search +mouse_sgr -tag_old_static
system vimrc file: "$VIM/vimrc"
user vimrc file: "$HOME/.vimrc"
2nd user vimrc file: "~/.vim/vimrc"
user exrc file: "$HOME/.exrc"
defaults file: "$VIMRUNTIME/defaults.vim"
fall-back for $VIM: "/usr/local/share/vim"
Compilation: gcc -c -I. -Iproto -DHAVE_CONFIG_H -O2 -fno-strength-reduce -Wall -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=1
Linking: gcc -L/usr/local/lib -Wl,--as-needed -o vim -lm -ltinfo -lnsl -ldl
```
I have conducted research on potential vulnerable package options. We propose using the following applications to conduct the suggested tests.
In order to proceed with a parallel approach, we need to use different packages for each test, because pytest-xdist does not allow dependent test cases.
Case | Packages | Download Links | CVE Information |
---|---|---|---|
Vulnerability Package Installation | Firebird 2.0.7 | RPM, Deb: None, Win, macOS | Firebirdsql2.0.7 |
Updating a vulnerable package that remains vulnerable to the same CVE | Rclone 1.49.5 -> 1.50.0 | RPM1495, RPM1500, DEB1495, DEB1500, Win1495, Win1500, macOS: None | RClone1.49.5, RClone1.50.0 |
Updating a vulnerable package that becomes vulnerable to another CVE | Nmap 6.47 -> 7.00 | RPM647, RPM700, WIN647, WIN700, macOS647, macOS700, Deb: None | Nmap6.47, Nmap7.00 |
Vulnerable package whose update is also vulnerable to another CVE | MongoDB 4.2.11 -> 4.4.10 | RPM4211, RPM4410, DEB4211, DEB4410, WIN4211, WIN4410, macOS, macOS | MongoDB4.2.11, MongoDB4.4.10 |
Vulnerable package whose update ceases to be vulnerable | Webmin 2.000 -> 2.003 | RPM2003, RPM2000, DEB2003, deb2000 | WebMin |
Non-vulnerable package | BleachBit 4.4.2 | RPM, DEB, Win | None |
Non-vulnerable package that remains non-vulnerable after update | Mercurial 4.9.1 -> 6.5.1 | RPM491, RPM651, DEB none, Windows None, macOS None | Mercurial4.9.1 |
Non-vulnerable package that becomes vulnerable | CouchDB 3.2.3 -> 3.3.0 | RPM323, RPM330, DEB323, DEB330, Win: None, macOS: None | Couchdb323, Couchdb332 |
E2E-VD-3
through E2E-VD-7
E2E-VD-6
Given the new changes in the test requirements, it is required to research possible packages for ARM architectures: https://github.com/wazuh/wazuh-qa/issues/4369#issuecomment-1776968917
Started reviewing information on installing specific packages in macOS ARM
Meeting with @juliamagan regarding research of ARM packages.
It seems nodejs could be a good option to supply almost all the cases for macOS: https://nodejs.org/dist/ Further research is required
Case | Packages | Download links | CVE info |
---|---|---|---|
E2E-VD-3: Installation of a vulnerable package | Nodejs 17.0.1 | node-v17.0.1.pkg | Node.js-17.0.1 |
E2E-VD-4: Updating a vulnerable package that remains vulnerable to the same CVE | Nodejs 17.0.1 -> 17.1.0 | node-v17.1.0.pkg | Node.js-17.1.0 |
E2E-VD-5: Updating a vulnerable package that becomes vulnerable to another CVE | Nodejs 17.1.0 -> 18.0.0 | node-v18.0.0.pkg | Node.js-18.0.0 |
E2E-VD-6: Updating a vulnerable package that becomes vulnerable to another CVE and retains the previous one | Nodejs 18.0.0 -> 18.0.1 | node-v18.0.1.pkg | Node.js-18.0.1 |
E2E-VD-7: Updating a vulnerable package that ceases to be vulnerable | Nodejs 18.0.1 -> 19.5.0 | node-v19.5.0.pkg | Node.js-19.5.0 |
E2E-VD-8: Deleting a vulnerable package | Any of the previous ones | - | - |
E2E-VD-9: Installation of a non-vulnerable package | Nodejs 19.5.0 | node-v19.5.0.pkg | Node.js-19.5.0 |
E2E-VD-10: Updating a non-vulnerable package that remains non-vulnerable | Nodejs 19.5.0 -> 19.6.0 | node-v19.6.0.pkg | Node.js-19.6.0 |
E2E-VD-11: Updating a non-vulnerable package that becomes vulnerable | Nodejs 19.6.0 -> 20.0.0 | node-v20.0.0.pkg | Node.js-20.0.0 |
Case | Packages | Download links | CVE info |
---|---|---|---|
E2E-VD-3: Installation of a vulnerable package | |||
E2E-VD-4: Updating a vulnerable package that remains vulnerable to the same CVE | |||
E2E-VD-5: Updating a vulnerable package that becomes vulnerable to another CVE | |||
E2E-VD-6: Updating a vulnerable package that becomes vulnerable to another CVE and retains the previous one | |||
E2E-VD-7: Updating a vulnerable package that ceases to be vulnerable | |||
E2E-VD-8: Deleting a vulnerable package | Any of the previous ones | - | - |
E2E-VD-9: Installation of a non-vulnerable package | |||
E2E-VD-10: Updating a non-vulnerable package that remains non-vulnerable | |||
E2E-VD-11: Updating a non-vulnerable package that becomes vulnerable |
It has been more difficult to find packages for CentOS than for macOS. It seemed that Docker could be a good option, but we are missing packages for the last two cases. Although there are future versions that may not be vulnerable or have new vulnerabilities, we found no information about these packages.
Docker: 18.09.5 -> 18.09.6 -> 19.03.0 (2) -> 20.10.15 -> Any of the previous ones -> 20.10.15 18.03.0 -> 18.06.0 ->
Case | Packages | Download links | CVE info |
---|---|---|---|
E2E-VD-3: Installation of a vulnerable package | Postgresql 11.17 | postgresql11-libs-11.17 and postgresql11-11.17 | Postgresql-11.17 |
E2E-VD-4: Updating a vulnerable package that remains vulnerable to the same CVE | Postgresql 11.17 -> 11.18 | postgresql11-libs-11.18 and postgresql11-11.18 | Postgresql-11.18 |
E2E-VD-5: Updating a vulnerable package that becomes vulnerable to another CVE | Postgresql 11.18 -> 11.20 | postgresql11-libs-11.20 and postgresql11-11.20 | Postgresql-11.20 |
E2E-VD-6: Updating a vulnerable package that becomes vulnerable to another CVE and retains the previous one | Postgresql 11.20 -> 12.12 | postgresql12-libs-12.12 and postgresql12-12.12 | Postgresql-12.12 |
E2E-VD-7: Updating a vulnerable package that ceases to be vulnerable | Postgresql 12.12 -> 12.16 | postgresql12-libs-12.16 and postgresql12-12.16 | Postgresql-12.16 |
E2E-VD-8: Deleting a vulnerable package | Any of the previous ones | - | - |
E2E-VD-9: Installation of a non-vulnerable package | Postgresql 12.16 | postgresql12-libs-12.16 and postgresql12-12.16 | Postgresql-12.16 |
E2E-VD-10: Updating a non-vulnerable package that remains non-vulnerable | Postgresql 12.16 -> 13.12 | postgresql13-libs-13.12 and postgresql13-13.12 | Postgresql-13.12 |
E2E-VD-11: Updating a non-vulnerable package that becomes vulnerable | Postgresql 13.12 -> 14.5 | postgresql14-libs-14.5 and postgresql14-14.5 | Postgresql-14.5 |
Case | Packages | Download links | CVE info |
---|---|---|---|
E2E-VD-3: Installation of a vulnerable package | Grafana 8.5.5 | grafana-enterprise_8.5.5_arm64.deb | Grafana-8.5.5 |
E2E-VD-4: Updating a vulnerable package that remains vulnerable to the same CVE | Grafana 8.5.5 -> 8.5.6 | grafana-enterprise_8.5.6_arm64.deb | Grafana-8.5.6 |
E2E-VD-5: Updating a vulnerable package that becomes vulnerable to another CVE | Grafana 8.5.6 -> 9.1.1 | grafana-enterprise_9.1.1_arm64.deb | Grafana-9.1.1 |
E2E-VD-6: Updating a vulnerable package that becomes vulnerable to another CVE and retains the previous one | Grafana 9.1.1 -> 9.2.0 | grafana-enterprise_9.2.0_arm64.deb | Grafana-9.2.0 |
E2E-VD-7: Updating a vulnerable package that ceases to be vulnerable | Grafana 9.2.0 -> 9.4.17 | grafana-enterprise_9.4.17_arm64.deb | Grafana-9.4.17 |
E2E-VD-8: Deleting a vulnerable package | Any of the previous ones | - | - |
E2E-VD-9: Installation of a non-vulnerable package | Grafana 9.4.17 | grafana-enterprise_9.4.17_arm64.deb | Grafana-9.4.17 |
E2E-VD-10: Updating a non-vulnerable package that remains non-vulnerable | Grafana 9.4.17 -> 9.5.13 | grafana-enterprise_9.5.13_arm64.deb | Grafana-9.5.13 |
E2E-VD-11: Updating a non-vulnerable package that becomes vulnerable | Grafana 9.4.17 -> 10.0.0 | grafana-enterprise_10.0.0_arm64.deb | Grafana-10.0.0 |
We can use the same Nodejs packages
We can use the same Grafana packages
Research:
Research:
LGTM! Approved!
LGTM!
Description
This Issue aims to research packages usable for the different OSs that will be supported in the new Vulnerability Detector System tests, for each test case.
Systems
Test cases
Considerations