Skip to content

Add fireeye vulnerabilities #487 #795

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
TG1999 merged 6 commits into from
Jan 30, 2023
Merged

Add fireeye vulnerabilities #487 #795

TG1999 merged 6 commits into from
Jan 30, 2023

Conversation

@ziadhany
Copy link
Collaborator

@ziadhany ziadhany commented Jul 11, 2022
edited by pombredanne
Loading

See #487

@ziadhany ziadhany force-pushed the add_fireeye branch 2 times, most recently from 4270fd9 to 697d742 Compare July 11, 2022 00:21
@ziadhany ziadhany self-assigned this Jul 11, 2022
@pombredanne pombredanne mentioned this pull request Jul 11, 2022
Closed
TG1999
TG1999 reviewed Jul 14, 2022
View reviewed changes
TG1999
TG1999 requested changes Jul 14, 2022
View reviewed changes
@TG1999
Copy link
Contributor

TG1999 commented Jul 14, 2022

@ziadhany please run this importer and add logs for that here, and also run the improve command over this imported data and provide the logs for that

@TG1999
Copy link
Contributor

TG1999 commented Jul 21, 2022

@ziadhany please add logs

@ziadhany
Copy link
Collaborator Author

ziadhany commented Jul 25, 2022

importer logs :

/home/ziad/Desktop/open_source/vulnerablecode/venv/bin/python /home/ziad/Desktop/open_source/vulnerablecode/manage.py import vulnerabilities.importers.fireeye.FireyeImporter
Importing data using vulnerabilities.importers.fireeye.FireyeImporter
MNDT-2021-0002.MD
FEYE-2021_0008.MD
MNDT-2021-0011.md
FEYE-2021_0007.MD
FEYE-2019-0010.md
FEYE-2020-0020.md
MNDT-2021-0009.md
FEYE-2021-0015.md
FEYE-2021-0019.md
MNDT-2021-0012.md
FEYE-2020-0008.md
FEYE-2019-0006.md
FEYE-2020-0013.md
FEYE-2021_0004.MD
MNDT-2021-0004.MD
MNDT-2021-0006.MD
FEYE-2021-0017.md
FEYE-2019-0003.md
MNDT-2021-0001.md
FEYE-2020-0007.md
FEYE-2019-0001.md
FEYE-2021-0020.md
FEYE-2021_0013.MD
FEYE-2020-0019.md
FEYE-2020_0004.md
FEYE-2021_0011.MD
FEYE-2020-0016.md
FEYE-2020-0015.md
FEYE-2020_0002.md
FEYE-2021-0021.md
FEYE-2020-0012.md
MNDT-2021-0003.MD
FEYE-2019-0012.md
FEYE-2021_0012.MD
FEYE-2019-0015.md
FEYE-2020-0005.md
FEYE-2021_0005.MD
FEYE-2019-0009.md
FEYE-2021-0014.md
FEYE-2021-0022.md
MNDT-2022-0006.md
MNDT-2022-0030.md
MNDT-2022-0009.md
MNDT-2022-0021.md
MNDT-2022-0020.md
MNDT-2022-0016.md
MNDT-2022-0015.md
MNDT-2022-0022.md
MNDT-2022-0019.md
MNDT-2022-0001.md
MNDT-2022-0018.md
MNDT-2022-0013.md
MNDT-2022-0024.md
MNDT-2022-0027.md
MNDT-2022-0011.md
MNDT-2022-0003.md
MNDT-2022-0028.md
MNDT-2022-0002.md
MNDT-2022-0025.md
MNDT-2022-0031.md
MNDT-2022-0010.md
MNDT-2022-0007.md
MNDT-2022-0029.md
MNDT-2022-0017.md
MNDT-2022-0014.md
MNDT-2022-0023.md
MNDT-2022-0026.md
MNDT-2022-0008.md
MNDT-2022-0012.md
MNDT-2022-0004.md
MNDT-2022-0005.md
FEYE-2020-0018.md
MNDT-2021-0008.md
FEYE-2021_0009.MD
FEYE-2019-0013.md
FEYE-2021-0023.md
FEYE-2020-0017.md
MNDT-2021-0010.md
FEYE-2021_0010.MD
MNDT-2021-0005.MD
FEYE-2019-0008.md
FEYE-2019-0004.md
FEYE-2021_0003.MD
FEYE-2021-0016.md
FEYE-2019-0002.md
FEYE-2020-0006.md
FEYE-2021-0018.md
FEYE-2019-0011.md
FEYE-2020-0010.md
FEYE-2021-0025.md
FEYE-2019-0005.md
FEYE-2021-0024.md
FEYE-2020-0014.md
FEYE-2020-0011.md
FEYE-2019-0007.md
FEYE-2019-0014.md
MNDT-2021-0007.md
FEYE-2021-0002.md
FEYE-2020-0009.md
FEYE-2021_0006.MD
FEYE-2020-0001.md
FEYE-2020_0003.md
FEYE-2021-0001.md
Successfully imported data using vulnerabilities.importers.fireeye.FireyeImporter

Process finished with exit code 0

improver logs :

Improving data using vulnerabilities.improvers.default.DefaultImprover
Inconsistent summary for <Vulnerability: VULCOID-12>. Existing: IOCTL 0x120004 in KfeCo10X64.sys, part of Rivet Killer Control Center, fails to validate an offset passed as a parameter during a memory operation, leading an arbitrary write primitive which can lead to code execution and escalation of privileges., provided: IOCTL 0x120404 in KfeCo10X64.sys, part of Rivet Killer Control Center, fails to validate an offset passed as a parameter during a memory operation, leading to an out-of-bounds read that can be used as part of a chain to escalate privileges. This is not same issue as FEYE-2019-0008.
Successfully improved data using vulnerabilities.improvers.default.DefaultImprover

TG1999
TG1999 reviewed Jul 25, 2022
View reviewed changes
@ziadhany ziadhany mentioned this pull request Sep 22, 2022
Open
9 tasks
@pombredanne pombredanne mentioned this pull request Oct 11, 2022
Closed
TG1999
TG1999 reviewed Oct 18, 2022
View reviewed changes
@TG1999
Copy link
Contributor

TG1999 commented Oct 18, 2022

Please see my review comment, otherwise this looks good to me. Please rebase your branch

TG1999
TG1999 reviewed Oct 18, 2022
View reviewed changes
@ziadhany ziadhany force-pushed the add_fireeye branch 2 times, most recently from b2528e7 to 371e39f Compare October 31, 2022 20:48
@TG1999 TG1999 requested a review from pombredanne November 2, 2022 14:49
TG1999
TG1999 approved these changes Nov 21, 2022
View reviewed changes
Copy link
Contributor

@TG1999 TG1999 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@pombredanne pombredanne added this to the v32.0.0 milestone Dec 8, 2022
pombredanne
pombredanne requested changes Dec 24, 2022
View reviewed changes
Copy link
Member

@pombredanne pombredanne left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks! just a few nits for your consideration.

@ziadhany ziadhany force-pushed the add_fireeye branch 2 times, most recently from edd8f11 to db26bb8 Compare December 26, 2022 20:25
@TG1999 TG1999 requested a review from pombredanne January 27, 2023 12:53
pombredanne
pombredanne approved these changes Jan 27, 2023
View reviewed changes
Copy link
Member

@pombredanne pombredanne left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM... I just added a notice for good measure.

@pombredanne pombredanne changed the title Add fireeye Add fireeye vulnerabilities #487 Jan 27, 2023
@ziadhany @TG1999
Add pathlib and glob
fe1e94c 
Fix docstring style

Add the License, add a Git Importer to fireeye

Remove print logs

Add docstring , add test for parse_advisory_data.

Add Fireeye importer

Reference: aboutcode-org#487

Signed-off-by: ziadhany <ziadhany2016@gmail.com>
ziadhany and others added 4 commits January 30, 2023 22:31
@ziadhany @TG1999
Try and except for UnicodeError
3a28667 
Signed-off-by: ziadhany <ziadhany2016@gmail.com>
@ziadhany @TG1999
add a logger
536f596 
Signed-off-by: ziadhany <ziadhany2016@gmail.com>
@pombredanne @TG1999
Add fireeye/mandiant notice aboutcode-org#487
17325e8 
See aboutcode-org#487

Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@TG1999
Rebase with the latest main
6d2c127 
Signed-off-by: Tushar Goel <tushar.goel.dav@gmail.com>
@TG1999
Fix tests
839bb3c 
Signed-off-by: Tushar Goel <tushar.goel.dav@gmail.com>
@TG1999 TG1999 merged commit 8134a08 into aboutcode-org:main Jan 30, 2023
@ziadhany ziadhany deleted the add_fireeye branch February 13, 2024 13:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@pombredanne pombredanne pombredanne approved these changes

@TG1999 TG1999 TG1999 approved these changes

Assignees

@pombredanne pombredanne

@ziadhany ziadhany

@TG1999 TG1999

Labels

Data collection

Projects

None yet

Milestone

v32.0.0

Development

Successfully merging this pull request may close these issues.

3 participants

@ziadhany @TG1999 @pombredanne