/**
 * Inserts a new row into the Cve table and stores the generated id on the object.
 *
 * @param Cve $cve CVE to persist; its id is overwritten with the last inserted id.
 */
public function create(Cve &$cve)
{
    # Both values are quoted and passed through the DB layer's escape().
    # NOTE(review): escape() is the only injection barrier visible here - confirm it is
    # aware of the connection charset, or move to bound parameters if the DB wrapper has them.
    $name = $this->db->escape($cve->getName());
    $cveDefId = $this->db->escape($cve->getCveDefId());

    $sql = "insert into Cve set\n \tname='" . $name . "',\n \tcveDefId='" . $cveDefId . "'";
    $this->db->query($sql);

    # Set the newly assigned id
    $cve->setId($this->db->getLastInsertedId());
}
/**
 * Deletes every tag attached to the given CVE.
 *
 * @param Cve $cve CVE whose tags are removed; it must carry an id other than -1.
 *
 * @throws Exception when the object is null or its id equals -1 (reported as "not set").
 */
public function removeCveTags(Cve &$cve)
{
    # Refuse to touch the Tag table unless the object carries an id.
    $hasUsableId = ($cve != null) && ($cve->getId() != -1);
    if (!$hasUsableId) {
        Utils::log(LOG_DEBUG, "Exception", __FILE__, __LINE__);
        throw new Exception("Cve object is not valid or Cve.id is not set");
    }

    Utils::log(LOG_DEBUG, "Removing all tags associated with the cve [cveId='{$cve->getId()}']", __FILE__, __LINE__);

    $tagDao = $this->getPakiti()->getDao("Tag");
    $tagDao->deleteTagsByCveId($cve->getId());
}
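/**
 * Pulls the definitions from every sub-source and flattens them into Vulnerability objects.
 *
 * For each definition the matching CveDef is looked up and created when it is not stored yet;
 * then one Vulnerability is produced per package listed under each OS group. The arch ('all')
 * and the OS groups are created on first use when the managers do not return them.
 *
 * Changes against the previous version:
 *  - the arch and each OS group are resolved once and reused, not looked up for every package;
 *  - the OsGroup object that was built and then immediately overwritten is gone;
 *  - a definition without a 'cves' or 'osGroup' array is handled as having none, so a malformed
 *    feed entry no longer makes foreach run over a non-array.
 *
 * NOTE(review): every field of a definition comes from the sub-source feed and is stored
 * without validation in this method - confirm that the DAO/manager layer escapes it and that
 * title and ref_url are encoded before they are rendered anywhere.
 *
 * @return Vulnerability[] one entry per (definition, OS group, package)
 */
public function retrieveVulnerabilities()
{
    Utils::log(LOG_DEBUG, "Synchronizing CVE", __FILE__, __LINE__);

    $vulnerabilities = array();

    # OVAL from RH and DSA doesn't contain arch, so use all
    $archName = 'all';
    $arch = null;             # resolved on first use, see below
    $osGroupsByName = array(); # OS group name => OsGroup, filled on first use

    foreach ($this->getSubSources() as $subSource) {
        $defs = $subSource->retrieveDefinitions();

        # We have CVE definition in this format:
        # Array
        # (
        #     [subSourceDefId] => 5
        #     [definition_id] => oval:com.redhat.rhsa:def:20120006
        #     [severity] => Critical
        #     [title] => RHSA-2012:0006: java-1.4.2-ibm security update (Critical)
        #     [ref_url] => https://rhn.redhat.com/errata/RHSA-2012-0006.html
        #     [cves] => Array
        #         (
        #             [0] => CVE-2011-3389
        #             [1] => CVE-2011-3545
        #         )
        #     [osGroup] => Array
        #         (
        #             [Red Hat Enterprise Linux 5] => Array
        #                 (
        #                     [0] => Array
        #                         (
        #                             [name] => java-1.4.2-ibm-plugin
        #                             [version] => 0:1.4.2.13.11
        #                             [release] => 1jpp.1.el5
        #                             [operator] => <
        #                         )
        #                     [1] => Array
        #                         (
        #                             [name] => java-1.4.2-ibm-src
        #                             [version] => 0:1.4.2.13.11
        #                             [release] => 1jpp.1.el5
        #                             [operator] => <
        #                         )
        #                 )
        #         )
        # )

        # Nothing to store for this sub-source
        if (!$defs) {
            continue;
        }

        foreach ($defs as $def) {
            # CVEs definition
            $cveDef = new CveDef();
            $cveDef->setDefinitionId($def['definition_id']);
            $cveDef->setTitle($def['title']);
            $cveDef->setRefUrl($def['ref_url']);
            $cveDef->setVdsSubSourceDefId($def['subSourceDefId']);

            $cveDefId = $this->_pakiti->getDao("CveDef")->getCveDefId($cveDef);
            if ($cveDefId == null) {
                # Definition is not stored yet: attach its CVEs and create it
                $cveNames = (isset($def['cves']) && is_array($def['cves'])) ? $def['cves'] : array();
                $cves = array();
                foreach ($cveNames as $cveName) {
                    $cve = new Cve();
                    $cve->setName($cveName);
                    array_push($cves, $cve);
                }
                $cveDef->setCves($cves);
                # The id is read from $cveDef below, so createCveDef() is expected to set it
                $this->_pakiti->getManager('CveDefsManager')->createCveDef($cveDef);
            } else {
                $cveDef->setId($cveDefId);
            }

            $packagesByOsGroup = (isset($def['osGroup']) && is_array($def['osGroup'])) ? $def['osGroup'] : array();
            foreach ($packagesByOsGroup as $osGroupName => $defsPkg) {
                if (!is_array($defsPkg)) {
                    continue;
                }

                foreach ($defsPkg as $defPkg) {
                    $vuln = new Vulnerability();
                    $vuln->setCveDefId($cveDef->getId());

                    # Resolve the arch only when the first package is seen, so nothing is
                    # created in the DB for a feed that lists no packages
                    if ($arch === null) {
                        $arch = $this->_pakiti->getManager("HostsManager")->getArch($archName);
                        if ($arch == null) {
                            # Arch is not defined in the DB, so create it
                            $arch = $this->_pakiti->getManager('HostsManager')->createArch($archName);
                        }
                    }

                    $vuln->setName($defPkg['name']);
                    $vuln->setRelease($defPkg['release']);
                    $vuln->setVersion($defPkg['version']);
                    $vuln->setArch($arch->getName());

                    # Get osGroup Id, looking each group up once per run
                    if (!isset($osGroupsByName[$osGroupName])) {
                        $osGroup = $this->_pakiti->getManager("OsGroupsManager")->getOsGroupByName($osGroupName);
                        if ($osGroup == null) {
                            # osGroup is not defined in the DB, so create it
                            $osGroup = $this->_pakiti->getManager('OsGroupsManager')->createOsGroup($osGroupName);
                        }
                        $osGroupsByName[$osGroupName] = $osGroup;
                    }
                    $vuln->setOsGroupId($osGroupsByName[$osGroupName]->getId());

                    $vuln->setOperator($defPkg['operator']);

                    array_push($vulnerabilities, $vuln);
                }
            }
        }
    }

    return $vulnerabilities;
}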