Modified OVAL for HP-UX 11
|
|
Wood, Michael
|
Here is a modified OVAL for HP-UX 11 we would like to submit.
oval:org.mitre.oval:def:5159 CVE-2001-1564 Thanks, Michael Wood Hewlett-Packard To unsubscribe, send an email message to LISTSERV@... with SIGNOFF OVAL-DISCUSSION-LIST in the BODY of the message. If you have difficulties, write to OVAL-DISCUSSION-LIST-request@.... <?xml version="1.0" encoding="UTF-8"?> <oval_definitions xsi:schemaLocation="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix unix-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5 oval-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-common-5 oval-common-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux hpux-definitions-schema.xsd" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5"> <generator> <oval:product_name>The OVAL Repository</oval:product_name> <oval:schema_version>5.4</oval:schema_version> <oval:timestamp>2008-07-30T12:26:37.038-04:00</oval:timestamp> </generator> <definitions> <definition id="oval:org.mitre.oval:def:5159" version="0" class="vulnerability"> <metadata> <title>HP-UX Running setrlimit(1M), Denial of Service (DoS)</title> <affected family="unix"> <platform>HP-UX 11</platform> </affected> <reference source="CVE" ref_id="CVE-2001-1564" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1564"/> <description>setrlimit in HP-UX 10.01, 10.10, 10.24, 10.20, 11.00, 11.04 and 11.11 does not properly enforce core file size on processes after setuid or setgid privileges are dropeed, which could allow local users to cause a denial of service by exhausting available disk space.</description> <oval_repository> <dates> <submitted date="2008-07-09T16:48:34.000-04:00"> <contributor organization="Hewlett-Packard">Michael Wood</contributor> </submitted> <status_change date="2008-07-14T10:52:28.383-04:00">DRAFT</status_change> </dates> <status>DRAFT</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND" comment="Criteria meets HP Security Bulletin HPSBUX00156"> <criterion comment="HP Release B.11.04" test_ref="oval:org.mitre.oval:tst:3294"/> <criterion negate="true" comment="Patch PHKL_23886 is installed" test_ref="oval:org.mitre.oval:tst:8524"/> </criteria> <criteria operator="AND" comment="Criteria meets HP Security Bulletin HPSBUX00156"> <criterion comment="HP Release B.11.11" test_ref="oval:org.mitre.oval:tst:3704"/> <criterion negate="true" comment="Patch PHKL_23423 is installed" test_ref="oval:org.mitre.oval:tst:8096"/> </criteria> <criteria operator="AND" comment="Criteria meets HP Security Bulletin HPSBUX00156"> <criterion comment="HP Release B.11.00" test_ref="oval:org.mitre.oval:tst:3571"/> <criterion negate="true" comment="Patch PHKL_23628 is installed" test_ref="oval:org.mitre.oval:tst:8405"/> </criteria> </criteria> </definition> </definitions> <tests> <patch53_test id="oval:org.mitre.oval:tst:8524" version="1" comment="Patch PHKL_23886 is installed" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux"> <object object_ref="oval:org.mitre.oval:obj:6291"/> </patch53_test> <patch53_test id="oval:org.mitre.oval:tst:8405" version="1" comment="Patch PHKL_23628 is installed" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux"> <object object_ref="oval:org.mitre.oval:obj:6167"/> </patch53_test> <patch53_test id="oval:org.mitre.oval:tst:8096" version="1" comment="Patch PHKL_23423 is installed" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux"> <object object_ref="oval:org.mitre.oval:obj:5757"/> </patch53_test> <uname_test id="oval:org.mitre.oval:tst:3704" version="1" comment="HP Release B.11.11" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix"> <object object_ref="oval:org.mitre.oval:obj:2759"/> <state state_ref="oval:org.mitre.oval:ste:3389"/> </uname_test> <uname_test id="oval:org.mitre.oval:tst:3571" version="1" comment="HP Release B.11.00" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix"> <object object_ref="oval:org.mitre.oval:obj:2759"/> <state state_ref="oval:org.mitre.oval:ste:3813"/> </uname_test> <uname_test id="oval:org.mitre.oval:tst:3294" version="1" comment="HP Release B.11.04" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix"> <object object_ref="oval:org.mitre.oval:obj:2759"/> <state state_ref="oval:org.mitre.oval:ste:3271"/> </uname_test> </tests> <objects> <patch53_object id="oval:org.mitre.oval:obj:6291" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux"> <behaviors supersedence="true"/> <swtype>PH</swtype> <area_patched>KL</area_patched> <patch_base>23886</patch_base> </patch53_object> <patch53_object id="oval:org.mitre.oval:obj:6167" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux"> <behaviors supersedence="true"/> <swtype>PH</swtype> <area_patched>KL</area_patched> <patch_base>23628</patch_base> </patch53_object> <patch53_object id="oval:org.mitre.oval:obj:5757" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux"> <behaviors supersedence="true"/> <swtype>PH</swtype> <area_patched>KL</area_patched> <patch_base>23423</patch_base> </patch53_object> <uname_object id="oval:org.mitre.oval:obj:2759" version="1" comment="The single uname object." xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix"/> </objects> <states> <uname_state id="oval:org.mitre.oval:ste:3389" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix"> <os_release>B.11.11</os_release> </uname_state> <uname_state id="oval:org.mitre.oval:ste:3813" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix"> <os_release>B.11.00</os_release> </uname_state> <uname_state id="oval:org.mitre.oval:ste:3271" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix"> <os_release>B.11.04</os_release> </uname_state> </states> </oval_definitions> |
Worrell, Bryan A.
|
Michael,
Thank you for your submission to the OVAL Repository. Your submission has been processed and is available for further community review via the OVAL Repository website. Thanks, Bryan Worrell __ Bryan Worrell The MITRE Corporation bworrell@... >-----Original Message----- >From: Wood, Michael [mailto:michael.wood@...] >Sent: Wednesday, July 30, 2008 4:50 PM >To: oval-discussion-list OVAL Discussion List/Closed Public Discussi >Subject: [OVAL-DISCUSSION-LIST] Modified OVAL for HP-UX 11 > >Here is a modified OVAL for HP-UX 11 we would like to submit. > >oval:org.mitre.oval:def:5159 CVE-2001-1564 > >Thanks, > >Michael Wood >Hewlett-Packard > >To unsubscribe, send an email message to LISTSERV@... with >SIGNOFF OVAL-DISCUSSION-LIST >in the BODY of the message. If you have difficulties, write to OVAL- >DISCUSSION-LIST-request@.... To unsubscribe, send an email message to LISTSERV@... with SIGNOFF OVAL-DISCUSSION-LIST in the BODY of the message. If you have difficulties, write to OVAL-DISCUSSION-LIST-request@.... |
||||||||||||||||||
| Free Forum Powered by Nabble | Forum Help |