Merge branch 'main' into cvss-v-display
Showing
19 changed files
with
477 additions
and
75 deletions.
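--- a/vulnerabilities/migrations/0055_remove_changelogs_with_same_data_different_software_version.py
+++ b/vulnerabilities/migrations/0055_remove_changelogs_with_same_data_different_software_version.py
@@ -0,0 +1,52 @@
+#
+# Copyright (c) nexB Inc. and others. All rights reserved.
+# VulnerableCode is a trademark of nexB Inc.
+# SPDX-License-Identifier: Apache-2.0
+# See http://www.apache.org/licenses/LICENSE-2.0 for the license text.
+# See https://github.com/nexB/vulnerablecode for support or download.
+# See https://aboutcode.org for more information about nexB OSS projects.
+#
+
+from django.db import migrations
+from django.db import models
+
+
+class Migration(migrations.Migration):
+
+def remove_duped_changelogs(apps, schema_editor):
+PackageChangeLog = apps.get_model("vulnerabilities", "PackageChangeLog")
+VulnerabilityChangeLog = apps.get_model("vulnerabilities", "VulnerabilityChangeLog")
+
+models_list = [PackageChangeLog, VulnerabilityChangeLog]
+
+for model in models_list:
+# Identify duplicate records based on actor_name, action_type, and source_url
+duplicate_records = model.objects.values('actor_name', 'action_type', 'source_url').annotate(count=models.Count('id')).filter(count__gt=1)
+
+to_be_deleted = list()
+
+for duplicate_set in duplicate_records:
+# Get the records for the current duplicate set
+records_to_delete = model.objects.filter(
+actor_name=duplicate_set['actor_name'],
+action_type=duplicate_set['action_type'],
+source_url=duplicate_set['source_url']
+).order_by('-software_version')
+
+# Keep the record with the older software version
+record_to_keep = records_to_delete.last()
+
+# Delete the records with the newer software version
+to_be_deleted.extend(records_to_delete.exclude(id=record_to_keep.id))
+
+to_be_deleted = list(set(to_be_deleted))
+to_be_deleted = [rec.id for rec in to_be_deleted]
+model.objects.filter(id__in = to_be_deleted).delete()
+
+dependencies = [
+("vulnerabilities", "0054_alter_packagechangelog_software_version_and_more"),
+]
+
+operations = [
+migrations.RunPython(remove_duped_changelogs, reverse_code=migrations.RunPython.noop),
+]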
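Review bot: The dedupe key at `model.objects.values('actor_name', 'action_type', 'source_url')` omits `action_time` and `software_version`, so it also collapses rows that share one software version but were recorded at different times, while the following migration 0056 keeps `action_time` in its `unique_together` key — rows that constraint would still accept are deleted here, and `.last()` picks an arbitrary survivor when software versions tie. Because `reverse_code` is `migrations.RunPython.noop`, this removal of changelog (audit) rows cannot be undone, so confirming the intended key before it runs matters; at minimum a secondary sort, `.order_by('-software_version', '-action_time')`, makes the kept row deterministic. The id collection can also avoid materializing model instances: `to_be_deleted.extend(records_to_delete.exclude(id=record_to_keep.id).values_list('id', flat=True))`, after which the `list(set(...))` and the `rec.id` comprehension reduce to `to_be_deleted = list(set(to_be_deleted))`. A short docstring on `remove_duped_changelogs` stating which row of each duplicate set is kept, plus a log line with the per-model count of deleted ids, would leave a trace of what this data migration removed. The rendering has lost indentation, so whether `remove_duped_changelogs` is nested in the `Migration` class body cannot be confirmed from this view.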
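--- a/vulnerabilities/migrations/0056_alter_packagechangelog_unique_together_and_more.py
+++ b/vulnerabilities/migrations/0056_alter_packagechangelog_unique_together_and_more.py
@@ -0,0 +1,21 @@
+# Generated by Django 4.1.13 on 2024-01-22 09:42
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+dependencies = [
+("vulnerabilities", "0055_remove_changelogs_with_same_data_different_software_version"),
+]
+
+operations = [
+migrations.AlterUniqueTogether(
+name="packagechangelog",
+unique_together={("action_time", "actor_name", "action_type", "source_url")},
+),
+migrations.AlterUniqueTogether(
+name="vulnerabilitychangelog",
+unique_together={("action_time", "actor_name", "action_type", "source_url")},
+),
+]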
@@ -0,0 +1,31 @@ | ||
# MNDT-2023-0017 | ||
|
||
The IBM Personal Communications (PCOMM) application 13.0.0 and earlier caused a user's plaintext password to be written to the `C:\Temp\pcsnp_init.log` file when re-connection was made through a remote desktop protocol. | ||
|
||
## Common Weakness Enumeration | ||
CWE-312: Cleartext Storage of Sensitive Information | ||
|
||
## Impact | ||
High - An attacker with low-privilege access to a host with IBM PCOMM could recover the plaintext password of another user. | ||
|
||
## Exploitability | ||
Low - Exploitability varies depending on the environment in which IBM PCOMM is installed. Mandiant identified this vulnerability when conducting independent security research for a client that used Citrix to connect to shared Windows Server instances. In certain environments where remote desktop is used to connect to shared hosts with IBM PCOMM installed, the exploitability is greatly increased. | ||
|
||
## CVE Reference | ||
CVE-2016-0321 - scope expanded | ||
|
||
## Technical Details | ||
While conducting independent security research, Mandiant identified a plaintext Active Directory password stored within the `C:\Temp\pcsnp_init.log` file. The affected host had IBM PCOMM version 13.0.0 installed and was used by multiple users who connected with Citrix. Upon a user connecting, disconnecting, and connecting again, the user's plaintext password was stored in the `C:\Temp\pcsnp_init.log` file. | ||
|
||
## Discovery Credits | ||
- Adin Drabkin, Mandiant | ||
- Matthew Rotlevi, Mandiant | ||
|
||
## Disclosure Timeline | ||
- 2023-09-26 - Issue reported to the vendor. | ||
- 2023-11-03 - The vendor updated the security bulletin for CVE-2016-0321 to include all known affected and fixed versions. | ||
|
||
## References | ||
- [IBM Security Bulletin](https://www.ibm.com/support/pages/security-bulletin-ibm-personal-communications-could-allow-remote-user-obtain-sensitive-information-including-user-passwords-allowing-unauthorized-access-cve-2016-0321) | ||
- [IBM Personal Communications](https://www.ibm.com/support/pages/ibm-personal-communications) | ||
- [Mitre CVE-2016-0321](https://www.cve.org/CVERecord?id=CVE-2016-0321) |