There are problems with the Net-HTTPS transport. Convert to using the Rex library from Metasploit.

The gem does not currently implement the following MultiTenant calls:

• MultiTenantUserConfigRequest
• MultiTenantUserUpdateRequest

Ideal

• Remove the NexposeAPI module from other classes and define a Nexpose::API namespace
• Alias NexposeAPI if backwards compat. is required. (possibly define NexposeAPI as a method that warns of the deprecation and returns Nexpose::API method)
• OPTION 1: Move all method definitions into a file under lib/nexpose_api/$CLASS and include all the API modules into Nexpose::API
• OPTION 2: Move NexposeAPI into lib/nexpose_api.rb and move all method definitions into the new file

The following Silo management calls are not currently implemented in the gem:

• SiloConfigRequest
• SiloProfileConfigRequest
• SiloProfileUpdateRequest
• SiloUpdateRequest

Site class does not have attributes for organization details, which means that Load and Copy don't bring this information over for editing or re-use.

I end up getting this error in a script used for ControlsInsight's automation:

Nexpose::APIError: NexposeAPI: Action failed: A repository error occurred while attempting
to create a site credential

I only access credentials via this in my script:

site.credentials << Nexpose::Credential.for_service(
  Nexpose::Credential::Type::CIFS,
  username,
  password
)

vuln id passed to create_ticket need to be lowercase. documentation does not say so.

Implement the EngineActivityRequest call to the Nexpose API, which provides a list of current scan activities for a specific Scan Engine.

Several objects in filter.rb have to_map methods. It is Ruby standard to use to_h to indicate a method which converts an object to a hash map representation. We should convert these over.

If we don't create a backwards-compatible alias to still respond to to_map, please provide a solid explanation why.

If data['response'] is "failure." then an APIError should be raised. I suppose this may not be the expected functionality so I've opened an issue vs. PR for discussion.

I also think that DynamicAssetGroup#save should return the group ID vs. true/false. Is there a recommended way to retrieve this ID or is the only solution gathering all asset groups and searching by name and get the ID from the new asset group summary?

Looks like only host/ranges and not host/hosts are included in the site configuration. When making changes and saving back to the instance, any configured host elements are lost. Also the host element appears to have changed from 'hostname' to just 'host' as least on Community version 5.2.3

diff --git a/lib/nexpose/site.rb b/lib/nexpose/site.rb
index 5d87686..3d8e129 100644
--- a/lib/nexpose/site.rb
+++ b/lib/nexpose/site.rb
@@ -502,6 +502,9 @@ module Nexpose
s.elements.each('Hosts/range') do |r|
@hosts.push(IPRange.new(r.attributes['from'], r.attributes['to']))
end

•    s.elements.each('Hosts/host') do |r|
  

•      @hosts.push(HostName.new(r.text))
  

•    end
          s.elements.each('ScanConfig') do |c|
              @scanConfig = ScanConfig.new(c.attributes['configID'],
                                           c.attributes['name'],
  

  @@ -848,7 +851,7 @@ module Nexpose
  include Sanitize

  def to_xml
  

•       "<hostname>#{replace_entities(hostname)}</hostname>"
  

•       "<host>#{replace_entities(hostname)}</host>"
  end
  

  end

I am trying to list all of the devices per site with associated risk score, and the @nsc.site_device_listing(site[:site_id]) appears to be returning invalid info. It appears that this would be the correct way to retrieve the data. In the example below, the total site risk score should be reflected in the hosts also.

Example Code

sites = @nsc.site_listing || []
sites.each do |site|
    ap @nsc.site_device_listing(site[:site_id])
    puts("    Site ##{site[:site_id]} '#{site[:name]}' Risk Factor: #{site[:risk_factor]} Risk Score: #{site[:risk_score]}")
end

Example Output

[
    [0] {
          :device_id => 9,
            :address => "123.123.123.124",
        :risk_factor => 0.0,
         :risk_score => 0.0
    },
    [1] {
          :device_id => 6,
            :address => "123.123.123.123",
        :risk_factor => 0.0,
         :risk_score => 0.0
    }
]
Site #7 'Production Misc' Risk Factor: 1.0 Risk Score: 1252.2251

Version Info

Ruby: ruby 1.9.2p180 (2011-02-18 revision 30909) [x86_64-linux]
nexpose-client: nexpose (0.0.98)
nexpose: 5.4.1 Enterprise
Last content update: 4122285428 (Wednesday, August 15, 2012 12:04:56 PM GMT)
Last product update : 4038634561 (Wednesday, August 15, 2012 12:00:00 PM GMT)

Hi there, unfortunately it seems Nexpose Gem has a syntax that doesn't work with Ruby 1.8.7.

/Users/thesp0nge/.rvm/gems/ruby-1.8.7-p358-i386@engage/gems/nexpose-0.1.8/lib/nexpose.rb:67:in `require': /Users/thesp0nge/.rvm/gems/ruby-1.8.7-p358-i386@engage/gems/nexpose-0.1.8/lib/nexpose/site.rb:94: syntax error, unexpected '.', expecting kEND (SyntaxError)
                                .max_by { |scan| scan.end_time }
                                 ^
    from /Users/thesp0nge/.rvm/gems/ruby-1.8.7-p358-i386@engage/gems/nexpose-0.1.8/lib/nexpose.rb:67
    from /Users/thesp0nge/.rvm/gems/ruby-1.8.7-p358-i386@global/gems/bundler-1.1.5/lib/bundler/runtime.rb:68:in `require'
    from /Users/thesp0nge/.rvm/gems/ruby-1.8.7-p358-i386@global/gems/bundler-1.1.5/lib/bundler/runtime.rb:68:in `require'
    from /Users/thesp0nge/.rvm/gems/ruby-1.8.7-p358-i386@global/gems/bundler-1.1.5/lib/bundler/runtime.rb:66:in `each'
    from /Users/thesp0nge/.rvm/gems/ruby-1.8.7-p358-i386@global/gems/bundler-1.1.5/lib/bundler/runtime.rb:66:in `require'
    from /Users/thesp0nge/.rvm/gems/ruby-1.8.7-p358-i386@global/gems/bundler-1.1.5/lib/bundler/runtime.rb:55:in `each'
    from /Users/thesp0nge/.rvm/gems/ruby-1.8.7-p358-i386@global/gems/bundler-1.1.5/lib/bundler/runtime.rb:55:in `require'
    from /Users/thesp0nge/.rvm/gems/ruby-1.8.7-p358-i386@global/gems/bundler-1.1.5/lib/bundler.rb:119:in `require'
    from /Users/thesp0nge/.rvm/gems/ruby-1.8.7-p358-i386@global/gems/bundler-1.1.5/lib/bundler/cli.rb:493:in `console'
    from /Users/thesp0nge/.rvm/gems/ruby-1.8.7-p358-i386@global/gems/bundler-1.1.5/lib/bundler/vendor/thor/task.rb:22:in `send'
    from /Users/thesp0nge/.rvm/gems/ruby-1.8.7-p358-i386@global/gems/bundler-1.1.5/lib/bundler/vendor/thor/task.rb:22:in `run'
    from /Users/thesp0nge/.rvm/gems/ruby-1.8.7-p358-i386@global/gems/bundler-1.1.5/lib/bundler/vendor/thor/invocation.rb:118:in `invoke_task'
    from /Users/thesp0nge/.rvm/gems/ruby-1.8.7-p358-i386@global/gems/bundler-1.1.5/lib/bundler/vendor/thor.rb:263:in `dispatch'
    from /Users/thesp0nge/.rvm/gems/ruby-1.8.7-p358-i386@global/gems/bundler-1.1.5/lib/bundler/vendor/thor/base.rb:386:in `start'
    from /Users/thesp0nge/.rvm/gems/ruby-1.8.7-p358-i386@global/gems/bundler-1.1.5/bin/bundle:13
    from /Users/thesp0nge/.rvm/gems/ruby-1.8.7-p358-i386@global/bin/bundle:23:in `load'
    from /Users/thesp0nge/.rvm/gems/ruby-1.8.7-p358-i386@global/bin/bundle:23

Using Ruby 1.9.3 with the same Gemset, the code works

As you are working the asset.rb search feature, would you consider this as a temporary solution in site.rb:

def site_device_by_address(site_id = nil, address)
  r = execute(make_xml('SiteDeviceListingRequest', {'site-id' => site_id}))

  if r.success
    r.res.elements.each('SiteDeviceListingResponse/SiteDevices') do |site|
      site_id = site.attributes['site-id'].to_i
      site.elements.each('device') do |device|
         if device.attributes['address'] == address
            return device
         end
      end
    end
  end
  return nil
end

Please keep in mind that I would hope to have future changes made to eliminate the requirement to pull all site devices via the site_device_listing, especially for really large sites. We have a site with 200k devices. It would be great to pass the address filter all the way up through to the where clause in the sql select.

There is some shared functionality between the Credential and Shared Credential class. Perhaps this can be split out into a module. In particular, the gem currently only exposes the test method for shared credentials.

I would call the common module (or class, if that makes sense) Credential, and then rename the existing class with that name to SiteCredential.

Then, in order to have both use the test method, make sure that both implement a to_hash method which provides the required format for testing a credential.

The gem no longer needs to use Nokogiri as a dependency. We have two options:

1. Sit on it, since we may want to use it for parsing some response objects which are large. If this is the case, we don't have any customers currently complaining about it.
2. Strip it out, and only re-introduce it if needed. (We are moving toward a JSON API, so this makes more sense to me immediately).

ReportTemplate delete does not work. Not supported by Nexpose.

Running scans is a task that is useful to automate.

Line 263 in site.rb will sanitize site name, but not description:

xml = %(<Site id='#{id}' name='#{replace_entities(name)}' description='#{description}' riskfactor='#{risk_factor}'>)

This results in an error when trying to save a site that has any of the following in the description: & ' " < >

To reproduce:

Using the web UI in Nexpose:

1. Create a site with any title
2. Set the description to contain any of & ' " < >

Then, using a Ruby script with the gem:
3. Load the site
4. Save the site

Trying to call any variation of list_shared_credentials fails with the following error:

irb(main):029:0> old_nsc.list_shared_credentials
NoMethodError: undefined method auth_type=' for #<Nexpose::SharedCredentialSummary:0x007f8093c3d9d8> from /Library/Ruby/Gems/2.0.0/gems/nexpose-0.8.1/lib/nexpose/shared_cred.rb:53:infrom_json'
from /Library/Ruby/Gems/2.0.0/gems/nexpose-0.8.1/lib/nexpose/shared_cred.rb:10:in block in list_shared_credentials' from /Library/Ruby/Gems/2.0.0/gems/nexpose-0.8.1/lib/nexpose/shared_cred.rb:10:inmap'
from /Library/Ruby/Gems/2.0.0/gems/nexpose-0.8.1/lib/nexpose/shared_cred.rb:10:in list_shared_credentials' from (irb):29 from /usr/bin/irb:12:in

vuln.rb:461 currently has this regex:

expiration_date =~ /\A\desc{4}-(\desc{2})-(\desc{2})\z/

I believe it should be:

expiration_date =~ /\A\d{4}-(\d{2})-(\d{2})\z/

The gem only implements the listing request at this time. The following calls are not implemented:

• RoleCreateRequest
• RoleDeleteRequest
• RoleDetailsRequest
• RoleUpdateRequest

Ruby 1.9.3 ended normal maintenance on 2014-02-23 and will finish security maintenance on 2015-02-23. [https://bugs.ruby-lang.org/projects/ruby/wiki/ReleaseEngineering].

Once 1.9.3 is completely EOL, we should bump the gem spec required_ruby_version.

The gem does not currently support the API call AssetGroupSaveRequest.

When implementing this. all Asset Group calls should be grouped into a single .rb file (probably group.rb).

Assume you've built and scanned a site, but no reports are configured. This won't work:

Nexpose::ReportConfig.build(nsc, site.id, site.name, report_type, report_format, true)

When the last argument is true, the report is supposed to run immediately, however it doesn't because a Frequency is added which says generate only after the scan.

In short, with the gem you cannot report on a site immediately after creating the report config.

Make the github wiki for the gem helpful. Perhaps put some guidelines, examples, etc. there.

Also, as older methods are deprecated in favor of a unified interface, perhaps provide transition guides for those looking to upgrade their scripts.

Hi there, creating an ad hoc report, if you supply 'text' or 'csv' file format Rex library complains about parse errors.

Using 'html' or 'raw-xml' report is generated.

report = Nexpose::ReportAdHoc.new(nsc, 'report-card', 'text')
report.addFilter('scan', scan[:scan_id])
puts report.generate

You didn't ignore!

Adjust the comments throughout the code to produce useful RDoc. For example, if you visit the gem page (i.e., through http://rubygems.org/gems/nexpose), there is no clear starting point, and it isn't clear that many of the useful methods are actually exposed through the Nexpose::NexposeAPI module's documentation.

When adding new documentation, covert to using YARDoc style.

I there, after the today software update, when I asked nexpose a CSV report the format is application/xml;charset=UTF-8 and so code in ReportAdHoc.generate doesn't work anymore. Note that when asking for a raw-xml the answer is multipart/mixed; boundary=AxB9sl3299asdjvbA;charset=UTF-8 and the API doesn't return nil.

Has the product update changed something?

The gem does not currently implement any of the Discovery Connection calls to the API.

• DiscoveryConnectionConnectRequest
• DiscoveryConnectionCreateRequest
• DiscoveryConnectionDeleteRequest
• DiscoveryConnectionListingRequest
• DiscoveryConnectionUpdateRequest

When implemented, they should be grouped into a common .rb file, perhaps discovery.rb.

load an asset group and use rescan_assets to experience an error:

2.0.0p247 :043 > my_scan_group.rescan_assets(nsc)
ArgumentError: wrong number of arguments (1 for 2)
    from /home/gschneider/.rvm/gems/ruby-2.0.0-p247/gems/nexpose-0.6.1/lib/nexpose/scan.rb:61:in `scan_assets'
    from /home/gschneider/.rvm/gems/ruby-2.0.0-p247/gems/nexpose-0.6.1/lib/nexpose/group.rb:115:in `block in rescan_assets'
    from /home/gschneider/.rvm/gems/ruby-2.0.0-p247/gems/nexpose-0.6.1/lib/nexpose/group.rb:113:in `each'
    from /home/gschneider/.rvm/gems/ruby-2.0.0-p247/gems/nexpose-0.6.1/lib/nexpose/group.rb:113:in `rescan_assets'
    from (irb):43
    from /home/gschneider/.rvm/rubies/ruby-2.0.0-p247/bin/irb:13:in `<main>'

Hi there, I have a small ruby utility I daily use in my job to fetch data from my Nexpose server (https://github.com/thesp0nge/nexty).

When moving form nexpose gem from version 0.1.4 (included) and later, after being successfully authenticated, all further requests fails. Session ID is not nil as stated before, however my code searching for an IP is not working, instead using gem version 0.1.3 works like a sharm.

Paolo

The gem does not currently implement the PendingVulnExceptionsCountRequest call.

The gem does not currently implement the following ticketing calls:

• TicketDetailsRequest
• TicketListingRequest

When saving a VulnException with a comment the method takes in the passed int comment variable but later repurposes into a comment element which drops the string object and then passes itself into the text field making the comment object have blank text.

Site.save for Dynamic Sites is referencing old URLs that no longer exist. Probably also need to change the type of data being sent (XML or JSON instead of form parameters) to make it work again.

Problems are at:
site.rb:248-260

site.rb:299-311

site.rb:467-484

This is in gem versions 0.8.0 and 0.8.1 and Nexpose 5.9.20

This is inconsistent with many other constructors in the gem.

I have several huge reports to download and I have been having the console generate them after every scan. This approach works but I have to have enough disk space for the console to store them. My problem is that I don't have this much disk space to work with.

My solution is to switch from the console generating the report and then me downloading it to using the new Connection::past_scans method and Nexpose::AdhocReportConfig. I run my code in a cronjob that generates and downloads scans since it's last run. Seems simple enough.

Minimal code snippit is below.

nsc = Nexpose::Connection.new(...)
nsc.login
most_recent = nil
scans = nsc.past_scans(expected*4)
scans.reject! { |scan| scan.end_time.to_i < most_recent.end_time.to_i  || scan.id == most_recent.id } if not most_recent.nil?
#### ... code to change #{expected} for next run... ####
nsc.logout
scans.peach(2) do |scan| #download 2 reports at a time
  local_nexpose = Nexpose::Connection.new(...)
  local_nexpose.login
  config = Nexpose::AdhocReportConfig.new('audit-report', 'raw-xml-v2', nil, nil, 0)
  config.add_filter('scan', scan.id)
  raw_xml = config.generate(local_nexpose, timeout=3600)
  File.write("unique_name.xml", raw_data)
  most_recent = scan
  local_nexpose.logout
end

Commit 7903b8d was a great step since I can now download 200MB reports however I still crash on reports larger than 350MB. I have looked at making the reports smaller however I need every report to contain exactly 1 whole network site. Some of these sites have about 1000 RHSA updates that need to be applied and each of these updates contains way too much vulnerability information.

Stacktrace is below.

Downloading scan 412687 for <SITENAME_THATS_NOT_PUBLIC>.
/home/<username>/.rvm/gems/ruby-2.1.5/gems/nexpose-0.8.19/lib/nexpose/api_request.rb:128:in `execute': NexposeAPI: Action failed: Error parsing response: #<RegexpError: failed to allocate memory: /\A([^<]*)/m> (Nexpose::APIError)
/home/<username>/.rvm/rubies/ruby-2.1.5/lib/ruby/2.1.0/rexml/source.rb:219:in `match'
/home/<username>/.rvm/rubies/ruby-2.1.5/lib/ruby/2.1.0/rexml/source.rb:219:in `match'
/home/<username>/.rvm/rubies/ruby-2.1.5/lib/ruby/2.1.0/rexml/parsers/baseparser.rb:426:in `pull_event'
/home/<username>/.rvm/rubies/ruby-2.1.5/lib/ruby/2.1.0/rexml/parsers/baseparser.rb:184:in `pull'
/home/<username>/.rvm/rubies/ruby-2.1.5/lib/ruby/2.1.0/rexml/parsers/treeparser.rb:22:in `parse'
/home/<username>/.rvm/rubies/ruby-2.1.5/lib/ruby/2.1.0/rexml/document.rb:287:in `build'
/home/<username>/.rvm/rubies/ruby-2.1.5/lib/ruby/2.1.0/rexml/document.rb:44:in `initialize'
/home/<username>/.rvm/gems/ruby-2.1.5/gems/nexpose-0.8.19/lib/nexpose/util.rb:12:in `new'
/home/<username>/.rvm/gems/ruby-2.1.5/gems/nexpose-0.8.19/lib/nexpose/util.rb:12:in `parse_xml'
/home/<username>/.rvm/gems/ruby-2.1.5/gems/nexpose-0.8.19/lib/nexpose/api_request.rb:50:in `execute'
/home/<username>/.rvm/gems/ruby-2.1.5/gems/nexpose-0.8.19/lib/nexpose/api_request.rb:127:in `execute'
/home/<username>/.rvm/gems/ruby-2.1.5/gems/nexpose-0.8.19/lib/nexpose/connection.rb:90:in `execute'
/home/<username>/.rvm/gems/ruby-2.1.5/gems/nexpose-0.8.19/lib/nexpose/report.rb:238:in `generate'
test.rb:71:in `block in <main>'
/home/<username>/.rvm/gems/ruby-2.1.5/gems/peach-0.5.1/lib/peach.rb:22:in `block (2 levels) in peach'
/home/<username>/.rvm/gems/ruby-2.1.5/gems/peach-0.5.1/lib/peach.rb:22:in `each'
/home/<username>/.rvm/gems/ruby-2.1.5/gems/peach-0.5.1/lib/peach.rb:22:in `block in peach'
/home/<username>/.rvm/gems/ruby-2.1.5/gems/peach-0.5.1/lib/peach.rb:13:in `block (2 levels) in _peach_run'
...
Exception parsing
Line: 1282579
Position: 100040694
Last 80 unconsumed characters:
 Content-Transfer-t/xml; name=report.xml
        from /home/<username>/.rvm/gems/ruby-2.1.5/gems/nexpose-0.8.19/lib/nexpose/connection.rb:90:in `execute'
        from /home/<username>/.rvm/gems/ruby-2.1.5/gems/nexpose-0.8.19/lib/nexpose/report.rb:238:in `generate'
        from test.rb:71:in `block in <main>'

According to the stacktrace, the issue is actually in REXML however REXML developers already closed the issue with a status of "WILL NOT FIX" saying that it's a problem with Base64 encoding and XML.

As far as I can tell, the only reason the Nexpose gem is parsing the XML is to check the value of the success attribute on the root node. There is probably not a reason to have the gem parse the entire report if the report is larger than 32MB. I have a monkey patch that drops the header and footer and uses the Base64 module to get me the raw xml. This patch is really slow though since it causes the generic errors in APIRequest::execute to trigger retrying 5 times. I would rather help fix the issue upstream than throw 3 or 4 monkey patches into production.

I am trying to list all of the devices per site with associated risk score, and the @nsc.site_device_listing(site[:site_id]) appears to be returning invalid info. It appears that this would be the correct way to retrieve the data. In the example below, the total site risk score should be reflected in the hosts also.

Example Code

sites = @nsc.site_listing || []
sites.each do |site|
    ap @nsc.site_device_listing(site[:site_id])
    puts("    Site ##{site[:site_id]} '#{site[:name]}' Risk Factor: #{site[:risk_factor]} Risk Score: #{site[:risk_score]}")
end

Example Output

[
    [0] {
          :device_id => 9,
            :address => "123.123.123.124",
        :risk_factor => 0.0,
         :risk_score => 0.0
    },
    [1] {
          :device_id => 6,
            :address => "123.123.123.123",
        :risk_factor => 0.0,
         :risk_score => 0.0
    }
]
Site #7 'Production Misc' Risk Factor: 1.0 Risk Score: 1252.2251

Version Info

Ruby: ruby 1.9.2p180 (2011-02-18 revision 30909) [x86_64-linux]
nexpose-client: nexpose (0.0.98)
nexpose: 5.4.1 Enterprise
Last content update 4122285428 (Wednesday, August 15, 2012 12:04:56 PM GMT)
Last product update 4038634561 (Wednesday, August 15, 2012 12:00:00 PM GMT)

When creating a new Nexpose::ReportHistory(connection,config_id)
The error is raised:
ruby-1.8.7-p334 :022 > Nexpose::ReportHistory.new(connection,223)
NoMethodError: undefined method geturl' for #<Nexpose::Connection:0x7f86bf934890> from /home/bhamilton/.rvm/gems/[email protected]/gems/nexpose-0.0.8/lib/nexpose.rb:2536:ininitialize'
from (irb):22:in `new'
from (irb):22
from :0

The instance methods available on the connection class do not include a geturl. The connection does have a url method.
I am looking for a fix myself but wanted to let you know it looks broken. If I am going about this the wrong way let me know.

When attempting to modify a dynamic site (for instance, changing an alert), calling Site.save results in an APIError:
<ajaxResponse success="0"> <Errors> <Error>Insufficient privileges to remove credentials</Error> </Errors> </ajaxResponse>

However I did not modify the credentials of the loaded site and static sites do not give the same error. Am I unaware of something that's different about handling dynamic sites? The documentation only mentions that connection and asset filter changes must be saved through the DiscoveryConnection#update_site call.

nexpose.rb:1841:in initialize': undefined local variable or methodresponse' for Nexpose::SiteDeviceListing:0x007fce3315b9c8 (NameError)

Needs updating to:

BEFORE::

    if(r.success)
        respsonse.elements.each('SiteDeviceListingResponse/SiteDevices/device') do |d|
            @devices.push(Device.new(d.attributes['id'],@site_id,d.attributes["address"],d.attributes["riskfactor"],d.attributes['riskscore']))
        end
    end

AFTER::

    if(r.success)
        r.res.elements.each('SiteDeviceListingResponse/SiteDevices/device') do |d|
            @devices.push(Device.new(d.attributes['id'],@site_id,d.attributes["address"],d.attributes["riskfactor"],d.attributes['riskscore']))
        end
    end

As a user of the API I've been writing my own scripts for certain actions. You can see my nexpose-cli.rb script here.

If I attempt to Site.load a Dynamic site my script crashes with
C:/Ruby193/lib/ruby/gems/1.9.1/gems/nexpose-0.8.4/lib/nexpose/filter.rb:302:in initialize': undefined methodupcase' for nil:NilClass (NoMethodError)
from C:/Ruby193/lib/ruby/gems/1.9.1/gems/nexpose-0.8.4/lib/nexpose/filte
r.rb:332:in new' from C:/Ruby193/lib/ruby/gems/1.9.1/gems/nexpose-0.8.4/lib/nexpose/filte r.rb:332:inparse'
from C:/Ruby193/lib/ruby/gems/1.9.1/gems/nexpose-0.8.4/lib/nexpose/site.
rb:323:in load_dynamic_attributes' from C:/Ruby193/lib/ruby/gems/1.9.1/gems/nexpose-0.8.4/lib/nexpose/site. rb:221:inload'

Implement the ScanListingRequest API call through the gem.

Alerts are not correctly parsed from site configurations when loading them from a Nexpose console. An attempt to save a site which contains an alert will fail to save with a 'name cannot be null' error.

The underlying XML is not correctly parsed or used.

Here is an example of the three kinds of alerts.

SMTP

<Alert name="Scan Completion e-mail" enabled="1" maxAlerts="1">
  <scanFilter scanStart="0" scanStop="1" scanFailed="0" scanResumed="0" scanPaused="0"/>
  <vulnFilter severityThreshold="1" confirmed="0" unconfirmed="0" potential="0"/>
  <smtpAlert sender="[email protected]" server="smtp.company.com" limitText="0">
    <recipient>[email protected]</recipient>
  </smtpAlert>
</Alert>

Syslog

<Alert name="syslog attempt" enabled="1" maxAlerts="1">
  <scanFilter scanStart="1" scanStop="0" scanFailed="0" scanResumed="0" scanPaused="0"/>
  <vulnFilter severityThreshold="1" confirmed="0" unconfirmed="1" potential="1"/>
  <syslogAlert server="syslog.company.com"/>
</Alert>      

SNMP

<Alert name="snmp" enabled="1" maxAlerts="2">
  <scanFilter scanStart="0" scanStop="0" scanFailed="0" scanResumed="0" scanPaused="1"/>
  <vulnFilter severityThreshold="8" confirmed="1" unconfirmed="0" potential="0"/>
  <snmpAlert community="communityname" server="managementserver"/>
</Alert>

The ScanTemplate.copy function fails because id cannot be set and the title attribute should be name instead.

scan_template.rb line 352

Code comment for SCAN_DATE field describes EARLIER_THAN as a valid operator, but there is no EARLIER_THAN constant defined.

In filter.rb line 115