File Coverage

blib/lib/OpenServices/SNMP/Plugin/CVE.pm
Criterion Covered Total %
statement 10 12 83.3
branch n/a
condition n/a
subroutine 4 4 100.0
pod n/a
total 14 16 87.5


line stmt bran cond sub pod time code
1             package OpenServices::SNMP::Plugin::CVE;
2              
3 1     1   16605 use 5.006;
  1         4  
  1         40  
4 1     1   4 use strict;
  1         1  
  1         46  
5 1     1   4 use warnings FATAL => 'all';
  1         5  
  1         55  
6              
7 1     1   194 use NetSNMP::agent qw(:all);
  0            
  0            
8             use NetSNMP::ASN qw(:all);
9              
10              
11             # Extend this hash map with future vulnerabilities_checks.
12             # Each new chack should increment
13             my %checks = (
14             '.2014.6271' => sub {
15             return qx/env x='() { :;}; echo vulnerable' bash -c 'true'/ =~ /^vulnerable$/ ? 0xFF : 0x00;
16             },
17             '.2014.7169' => sub {
18             return qx/env X='() { (a)=>\' sh -c 'echo safe'; cat echo/ !~ /^safe$/ ? 0xFF : 0x00;
19             },
20             '.2014.7186' => sub {
21             return qx/bash -c 'true <
22             },
23             '.2014.7187' => sub {
24             return qx/bash -c '(for x in {1..200} ; do echo "for x\$x in ; do :"; done; for x in {1..200} ; do echo done ; done) | bash || echo "vulnerable"'/ =~ /^vulnerable$/ ? 0xFF : 0x00;
25             },
26             );
27              
28             =head1 NAME
29              
30             OpenServices::SNMP::Plugin::CVE - Check for local CVEs
31              
32             =head1 VERSION
33              
34             Version 0.01
35              
36             =cut
37              
38             our $VERSION = '0.01';
39              
40             =head1 BASE OID
41              
42             NetSNMP::OID(".1.3.6.1.4.1.36425.256.1");
43              
44             =cut
45              
46             our $BASEOID = new NetSNMP::OID(".1.3.6.1.4.1.36425.256.1");
47              
48             =head1 SYNOPSIS
49              
50             Check if local CVEs are exploitable on the system. This currently covers the following CVEs.
51              
52             CVE-2014-6271
53             CVE-2014-7169
54             CVE-2014-7186
55             CVE-2014-7187
56              
57             To use this submodule in your snmpd agent add the following line to your snmpd.conf file.
58              
59             perl require OpenServices::SNMP::Plugin; OpenServices::SNMP::Plugin->init($agent);
60              
61             It exposes the number of found exploitable CVEs on the OID 1.3.6.1.4.1.36425.256.1 and each separate CVE as an integer at the OID
62             1.3.6.1.4.1.36425.256.1.. where 1 means the CVE is exploitable and 0 that the CVE is not found.
63              
64             =head1 SUBROUTINES/METHODS
65              
66             =head2 init
67              
68             =cut
69              
70             sub init {
71             my ($self, $agent) = @_;
72             if (!$agent) {
73             print STDERR "No \$agent defined\n";
74             print STDERR "Please check your snmp_perl.pl that should be included in you net-snmp distribution.\n";
75             exit 1;
76             }
77              
78             printf STDERR "Registering %s handler.\n", __PACKAGE__;
79             $agent->register(__PACKAGE__, $BASEOID, \&handler);
80             }
81              
82             =head2 handler
83              
84             =cut
85              
86             sub handler {
87             my ($handler, $registration_info, $request_info, $requests) = @_;
88             my $request;
89              
90             if (!keys %checks) {
91             return;
92             }
93              
94             for($request = $requests; $request; $request = $request->next()) {
95             my $oid = $request->getOID();
96             if ($request_info->getMode() == MODE_GET) {
97             if ($oid == $BASEOID) {
98             $request->setValue(ASN_INTEGER, scalar keys %checks);
99             } else {
100             foreach my $check_oid (sort keys %checks) {
101             if ($oid == $BASEOID + $check_oid) {
102             $request->setValue(ASN_INTEGER, $checks{$check_oid}->());
103             }
104             }
105             }
106             } elsif ($request_info->getMode() == MODE_GETNEXT) {
107             if ($oid < $BASEOID) {
108             $request->setOID($BASEOID);
109             $request->setValue(ASN_INTEGER, scalar keys %checks);
110             } else {
111             foreach my $check_oid (sort keys %checks) {
112             if ($oid < $BASEOID + $check_oid) {
113             $request->setOID($BASEOID + $check_oid);
114             $request->setValue(ASN_INTEGER, $checks{$check_oid}->());
115             last;
116             }
117             }
118             }
119             }
120             }
121             }
122             =head1 AUTHOR
123              
124             Michael Fladischer, C<< >>
125              
126             =head1 BUGS
127              
128             Please report any bugs or feature requests to C, or through
129             the web interface at L. I will be notified, and then you'll
130             automatically be notified of progress on your bug as I make changes.
131              
132              
133              
134              
135             =head1 SUPPORT
136              
137             You can find documentation for this module with the perldoc command.
138              
139             perldoc OpenServices::SNMP::Plugin::CVE
140              
141              
142             You can also look for information at:
143              
144             =over 4
145              
146             =item * RT: CPAN's request tracker (report bugs here)
147              
148             L
149              
150             =item * AnnoCPAN: Annotated CPAN documentation
151              
152             L
153              
154             =item * CPAN Ratings
155              
156             L
157              
158             =item * Search CPAN
159              
160             L
161              
162             =back
163              
164              
165             =head1 ACKNOWLEDGEMENTS
166              
167              
168             =head1 LICENSE AND COPYRIGHT
169              
170             Copyright 2014 Michael Fladischer.
171              
172             This program is free software; you can redistribute it and/or modify it
173             under the terms of the the Artistic License (2.0). You may obtain a
174             copy of the full license at:
175              
176             L
177              
178             Any use, modification, and distribution of the Standard or Modified
179             Versions is governed by this Artistic License. By using, modifying or
180             distributing the Package, you accept this license. Do not use, modify,
181             or distribute the Package, if you do not accept this license.
182              
183             If your Modified Version has been derived from a Modified Version made
184             by someone other than you, you are nevertheless required to ensure that
185             your Modified Version complies with the requirements of this license.
186              
187             This license does not grant you the right to use any trademark, service
188             mark, tradename, or logo of the Copyright Holder.
189              
190             This license includes the non-exclusive, worldwide, free-of-charge
191             patent license to make, have made, use, offer to sell, sell, import and
192             otherwise transfer the Package with respect to any patent claims
193             licensable by the Copyright Holder that are necessarily infringed by the
194             Package. If you institute patent litigation (including a cross-claim or
195             counterclaim) against any party alleging that the Package constitutes
196             direct or contributory patent infringement, then this Artistic License
197             to you shall terminate on the date that such litigation is filed.
198              
199             Disclaimer of Warranty: THE PACKAGE IS PROVIDED BY THE COPYRIGHT HOLDER
200             AND CONTRIBUTORS "AS IS' AND WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES.
201             THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
202             PURPOSE, OR NON-INFRINGEMENT ARE DISCLAIMED TO THE EXTENT PERMITTED BY
203             YOUR LOCAL LAW. UNLESS REQUIRED BY LAW, NO COPYRIGHT HOLDER OR
204             CONTRIBUTOR WILL BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, OR
205             CONSEQUENTIAL DAMAGES ARISING IN ANY WAY OUT OF THE USE OF THE PACKAGE,
206             EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
207              
208              
209             =cut
210              
211             1; # End of OpenServices::SNMP::Plugin::CVE