Commit Graph

33 Commits

Author SHA1 Message Date
Jeff Odegard
0425adacb6
Bug fixes for Nessus and Nmap parsers
Nessus was not assigning checklists to Oracle Solaris 11 for Sparc architectures.
Nmap was not correctly identifying normal text output files (.nmap)
2019-01-23 09:20:02 -07:00
cf5e8237c7
typo fix 2019-01-17 13:17:07 -05:00
55f086e8af
bug(software): Bug fix with software detection
Ubuntu.png - Add new Ubuntu checklist icon
Database_Baseline.zip - Update software detection tables
checklist.inc - Fix software icon detection for IE and SLES, and added detection for Ubuntu
software.inc - Fix bug adding extra spaces to software strings
parse_stig.php - Formatting and add save for when icon is updated
parse_stig_viewer.php - Add scan note when CKL file is missing or has empty <HOST_NAME> tag

Fix #87
2019-01-17 12:20:18 -05:00
9620adf3b9
fix(parse_nessus): bug fix
Fix null parameter call
2019-01-16 10:49:54 -05:00
Jeff Odegard
059d84f953
Parse_nessus.php null parameter bug
Parse_nessus threw an error when parsing by-name Nessus scans. Fixed using an isset() check.
2019-01-15 16:55:42 -07:00
eec2c371fe
fix: fix host_list overwriting with eChecklist 2019-01-15 14:56:57 -05:00
bb9e2f4adb
fix(eChecklist): Fix bug with eChecklist note duplication
parse_excel_echecklist.php - change preg_match to a stripos method check for notes string and add update_Scan_Host_List call after importing all worksheets
database.inc - add a check for if appending a duplicate string to the checklist notes. add update_Target_Counts call when updating host list

fix #80, #10
2019-01-15 13:08:49 -05:00
99eb5342cf
fix(eChecklist-import): Fix error with formulas in status column
This should remedy the reported behavior of statuses quietly being changed to "Not Reviewed".
scan.inc - Added new set_Host_Error method to set the error value for a specific host
parse_excel_echecklist.php - explicitly check for the status to equal 1-of-7 expected values, if not, add note to finding, set scan error message, and default status to "Not Reviewed"
export.php - Added cell lock for A11:E{last row} with the default password of "sagacity" (all lowercase)

Fixes #80
2019-01-09 21:49:58 -05:00
8973c2e046
fix(ckl-export): Fix bug when exporting CKL
Added a "group by STIG_ID" statement to fix a bug.  This is a short-term fix as it will result in random VMS IDs populating where there is a duplicate.  A real fix will require capturing the checklist ID and saving it as part of the VMS ID.

#78 fixed
2019-01-09 20:17:13 -05:00
a32988ed03
parse_excel_echecklist.php:
Skip parsing orphan worksheet
Issue error if there are more than 100 targets in any worksheet
Save findings when you get above 1000

database.inc:
Comment out block of code to retrieve orphan findings to export to the eChecklist

setup.php:
Convert possible algorithms to lower case. (should fix bug that person on FB was seeing).
2018-12-14 09:32:40 -05:00
dfb81bf388
Updates 2018-12-01 23:21:20 -05:00
5849a2620e
Fix for #75 2018-11-29 14:32:45 -05:00
3deecb098b
Fix for #73 2018-11-27 09:31:48 -05:00
ca89e02c4e host_list.inc - Added method to increase finding count
system.inc - fixed typo
parse_excel_echecklist.php - added functionality to assign OS and checklists based on worksheet contents
database.inc - Added a couple methods to support changes for #25
export.php - Minor change to OS listing and added add_cell_comment method to migrate scanner notes to a comment instead of the main note (separating the scanner and anaylst comments)
2018-11-08 17:26:27 -05:00
a9fc4f6a86 Merge branch 'v1.3.4' of https://github.com/cyberperspectives/sagacity into v1.3.4 2018-11-06 15:37:55 -05:00
21082c7513 checklist.inc - deleted duplicate BIND 9 checklist icon entry
finding.inc - removed ID property to prevent duplicate findings from being added to the table
host_list.inc - deleted unused constructor
import.inc - formatting
db_schema.json - removed sagacity.findings.id field (making tgt_id and pdi_id new primary keys), and updated references
Database_Baseline.zip - updated routines for above change
background_results.php - fixed bug #19
export-ckl.php - performance adjustments
parse_excel_echecklist.php - performance improvements, ensure duplicate findings are not created, make eChecklist true status, update for removing findings.id field
parse_nvd_json_cve.php - convert reading json to array instead of object for reading CPEs (which were updated to CPE 2.3 instead of 2.2)
parse_* - remove findings.id field
database.inc - formatting, and update for removing findings.id field
index.php - ensure user can't import a host list without uploading a host list file

Fixed:
#65, #51, #28, #27, #10
2018-11-06 15:36:48 -05:00
Jeff Odegard
f1cab13251
Add ROLE to .ckl ASSET Tag and delete HOST_GUID
These changes make the .ckl exports compatible with the latest STIG Viewer 2.8.
2018-10-29 19:42:36 -06:00
5d8711d494 Fix bug #49
Revert update_db.php to download compilation STIG library instead of individual as links are inconsistent (#60, #64, #61
Add scape_webpage method to helper.inc for future efforts
Fixed typo in uninstall.bat
2018-10-29 13:19:31 -04:00
ab9005f0c3 Partial bug fix for #62 since new versions of SCC include extra characters in the VMS ID. 2018-10-27 12:20:33 -04:00
7f2f6a9046 Fix for #60
Some formatting
Die if installer.php fails to create password file
Update target counts after importing eChecklist and CKL
2018-10-25 17:48:57 -04:00
e995c0e78e Fixed a couple typos 2018-10-23 18:46:40 -04:00
17dbe134cc Database_Baseline.zip - Revisions for creating views and routines
installer.php - Fix bug when
update_db.php - Converted STIG download to identify the zip files from the a-z master list and download them individually instead of downloading the compilation zip file.  Also integrated the sunset list into the same process so ALL STIGs are downloaded and imported at the same time
2018-10-19 18:45:08 -04:00
98ea166a22 Fix for #10, #57, & #58 2018-10-17 22:19:41 -04:00
fc22e6875e Fix for #49 2018-10-16 12:24:10 -04:00
684d1e4b19 Enhancement to add #11 2018-09-26 10:41:20 -04:00
dde7409f01 Bug fix for #26
Make sure debug log does not output integers, but only mysqli_result object in db_helper
Couple other fixes
2018-09-26 10:39:38 -04:00
927ae69743 ajax.php - sort checklists
background_stigs.php - change to support adding sunset STIGs to update_db.php
parse_nessus.php/parse_nmap.php - disable post processing until the end of reading the file
update_db.php - Add sunset STIGs downloading and parsing
database.inc - Removed unnecessary variables ($key, etc), fixed typo (proc_ia_control v. proc_ia_controls), fix typo line 11072, added query_type to other queries in post_Processing method, call update_Target_Count method at the end of post_Processing, convert update_Target_Count to use queries instead of get_pdi_count and get_finding_count views (caused a performance hit), removed calling update_Target_Count from save_Target method to support previously mentioned changes
index.php - removed ajax timeout when bulk removing targets
2018-09-18 19:53:19 -04:00
422ff8094a Fix for bug #9 2018-09-11 16:51:23 -04:00
d41c1f9e21 Moved NVD CVE parse progress to update_db and changed download progress to update overall instead of each file progress (bug #6)
Added include for autoload in helper.inc (bug #7)
Removed a few unnecessary variables
2018-09-06 13:43:23 -04:00
9edd6c1c35 Fixes to bug #5 2018-08-28 20:46:48 -04:00
d6b6fe159d Fix to #4 2018-08-21 17:29:25 -04:00
CyberPerspectives
750094e3b5 Revision of release v1.3.2 2018-07-26 08:33:50 -04:00
Ryan Prather
8c38a6cdb9 initial commit of SVN release repo 2018-05-07 10:51:08 -04:00