public function delete(Vulnerability &$vulnerability)
 {
     $this->db->query("delete from Vulnerability where id=" . $vulnerability->getId());
 }
Example #2
0
 /**
  * Find CveDef for Vulnerability
  * @param Vulnerability $vul
  * @return CveDef
  */
 public function getCveDefForVulnerability(Vulnerability $vul)
 {
     $sql = "select id as _id, definitionId as _definitionId, title as _title, refUrl as _refUrl, vdsSubSourceDefId as _vdsSubSourceDefId\n        from CveDef where CveDef.id=(select Vulnerability.cveDefId from Vulnerability where Vulnerability.id={$vul->getId()})";
     $cveDef = $this->db->queryObject($sql, "CveDef");
     return $cveDef;
 }
Example #3
0
 public function retrieveVulnerabilities()
 {
     Utils::log(LOG_DEBUG, "Synchronizing CVE", __FILE__, __LINE__);
     $vulnerabilities = array();
     foreach ($this->getSubSources() as $subSource) {
         $defs = $subSource->retrieveDefinitions();
         # We have CVE definition in this format:
         # Array
         #(
         #	   [subSourceDefId] => 5
         #    [definition_id] => oval:com.redhat.rhsa:def:20120006
         #    [severity] => Critical
         #    [title] => RHSA-2012:0006: java-1.4.2-ibm security update (Critical)
         #    [ref_url] => https://rhn.redhat.com/errata/RHSA-2012-0006.html
         #    [cves] => Array
         #        (
         #            [0] => CVE-2011-3389
         #            [1] => CVE-2011-3545
         #        )
         #
         #    [osGroup] => Array
         #        (
         #            [Red Hat Enterprise Linux 5] => Array
         #                (
         #                    [0] => Array
         #                        (
         #                            [name] => java-1.4.2-ibm-plugin
         #                            [version] => 0:1.4.2.13.11
         #                            [release] => 1jpp.1.el5
         #				              [operator] => <
         #                        )
         #                    [1] => Array
         #                        (
         #                             [name] => java-1.4.2-ibm-src
         #                             [version] => 0:1.4.2.13.11
         #                             [release] => 1jpp.1.el5
         #				                [operator] => <
         #                         )
         #
         #                )
         #
         #        )
         #
         #)
         # Store them into the list of Vulnerabilities
         if ($defs) {
             # Reformat data into
             foreach ($defs as $def) {
                 #CVEs definition
                 $cveDef = new CveDef();
                 $cveDef->setDefinitionId($def['definition_id']);
                 $cveDef->setTitle($def['title']);
                 $cveDef->setRefUrl($def['ref_url']);
                 $cveDef->setVdsSubSourceDefId($def['subSourceDefId']);
                 $cveDefId = $this->_pakiti->getDao("CveDef")->getCveDefId($cveDef);
                 if ($cveDefId == null) {
                     # CVEs
                     $cves = array();
                     foreach ($def['cves'] as $cveName) {
                         $cve = new Cve();
                         $cve->setName($cveName);
                         array_push($cves, $cve);
                     }
                     $cveDef->setCves($cves);
                     $this->_pakiti->getManager('CveDefsManager')->createCveDef($cveDef);
                 } else {
                     $cveDef->setId($cveDefId);
                 }
                 foreach ($def['osGroup'] as $osGroupName => $defsPkg) {
                     foreach ($defsPkg as $defPkg) {
                         $vuln = new Vulnerability();
                         $vuln->setCveDefId($cveDef->getId());
                         # OVAL from RH and DSA doesn't contain arch, so use all
                         $archName = 'all';
                         $arch = $this->_pakiti->getManager("HostsManager")->getArch($archName);
                         if ($arch == null) {
                             # Arch is not defined in the DB, so created it  e);
                             $arch = $this->_pakiti->getManager('HostsManager')->createArch($archName);
                         }
                         $vuln->setName($defPkg['name']);
                         $vuln->setRelease($defPkg['release']);
                         $vuln->setVersion($defPkg['version']);
                         $vuln->setArch($arch->getName());
                         # Get osGroup Id
                         $osGroup = $this->_pakiti->getManager("OsGroupsManager")->getOsGroupByName($osGroupName);
                         if ($osGroup == null) {
                             $osGroup = new OsGroup();
                             $osGroup->setName($osGroupName);
                             # osGropu is not defined in the DB, so created it
                             $osGroup = $this->_pakiti->getManager('OsGroupsManager')->createOsGroup($osGroupName);
                         }
                         $vuln->setOsGroupId($osGroup->getId());
                         $vuln->setOperator($defPkg['operator']);
                         array_push($vulnerabilities, $vuln);
                     }
                 }
             }
         }
     }
     return $vulnerabilities;
 }