New HP-UX 11 OVALs
|
|
Wood, Michael
|
Here are some new HP-UX 11 OVALs
oval:com.hp.oval:def:20080709001 CVE-2003-0951 oval:com.hp.oval:def:20080709002 CVE-2003-0089 oval:com.hp.oval:def:20080709003 CVE-2002-1409 oval:com.hp.oval:def:20080709004 CVE-2002-2262 oval:com.hp.oval:def:20080709005 CVE-2002-2138 oval:com.hp.oval:def:20080709006 CVE-2002-1794 oval:com.hp.oval:def:20080709007 CVE-2002-0798 oval:com.hp.oval:def:20080709008 CVE-2002-0585 oval:com.hp.oval:def:20080709009 CVE-2002-0577 oval:com.hp.oval:def:20080709010 CVE-2002-0279 oval:com.hp.oval:def:20080709011 CVE-2001-1564 oval:com.hp.oval:def:20080709012 CVE-2001-0809 oval:com.hp.oval:def:20080709013 CVE-2001-1124 oval:com.hp.oval:def:20080709014 CVE-2001-0668 Thanks, Michael Wood Hewlett Packard To unsubscribe, send an email message to LISTSERV@... with SIGNOFF OVAL-DISCUSSION-LIST in the BODY of the message. If you have difficulties, write to OVAL-DISCUSSION-LIST-request@.... <?xml version="1.0" encoding="UTF-8"?> <oval_definitions xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:unix-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" xmlns:hpux-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" xsi:schemaLocation="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix unix-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5 oval-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-common-5 oval-common-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux hpux-definitions-schema.xsd"> <generator> <oval:product_name>Hewlett-Packard</oval:product_name> <oval:schema_version>5.4</oval:schema_version> <oval:timestamp>2008-07-09T16:48:33.000-04:00</oval:timestamp> </generator> <definitions> <definition id="oval:com.hp.oval:def:20080709001" version="0" class="vulnerability"> <metadata> <title>HP-UX Running Partition Manager parmgr (1M), Remote Unauthorized Access</title> <affected family="unix"> <platform>HP-UX 11</platform> </affected> <reference source="CVE" ref_id="CVE-2003-0951" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0951"/> <description>Partition Manager (parmgr) in HP-UX B.11.23 does not properly validate certificates that are provided by the cimserver, which allows attackers to obtain sensitive data or gain privileges.</description> <oval_repository> <dates> <submitted date="2008-07-09T16:48:33.000-04:00"> <contributor organization="Hewlett-Packard">Michael Wood</contributor> </submitted> </dates> <status>DRAFT</status> </oval_repository> </metadata> <criteria operator="AND" comment="Criteria meets Security Bulletin HPSBUX0029"> <criterion comment="HP Release B.11.23" test_ref="oval:org.mitre.oval:tst:3901"/> <criteria operator="OR" comment="filesets tests"> <criterion comment="PartitionManager.PARMGR-RUN version is less than B.11.23.02.00" test_ref="oval:com.hp.oval:tst:20080709001"/> <criterion comment="PartitionManager.PARMGR-HELP version is less than B.11.23.02.00" test_ref="oval:com.hp.oval:tst:20080709002"/> <criterion comment="PartitionManager.PARMGR-MAN version is less than B.11.23.02.00" test_ref="oval:com.hp.oval:tst:20080709003"/> </criteria> </criteria> </definition> <definition id="oval:com.hp.oval:def:20080709002" version="0" class="vulnerability"> <metadata> <title>HP-UX Running Software Distributor (SD), Local Increased Privileges.</title> <affected family="unix"> <platform>HP-UX 11</platform> </affected> <reference source="CVE" ref_id="CVE-2003-0089" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0089"/> <description>Buffer overflow in the Software Distributor utilities for HP-UX B.11.00 and B.11.11 allows local users to execute arbitrary code via a long LANG environment variable to setuid programs such as (1) swinstall and (2) swmodify.</description> <oval_repository> <dates> <submitted date="2008-07-09T16:48:33.000-04:00"> <contributor organization="Hewlett-Packard">Michael Wood</contributor> </submitted> </dates> <status>DRAFT</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND" comment="Criteria meets HP Security Bulletin HPSBUX00293"> <criterion comment="HP Release B.11.04" test_ref="oval:org.mitre.oval:tst:3294"/> <criteria operator="OR" comment="filesets tests"> <criterion comment="SW-DIST.SD-CMDS is installed" test_ref="oval:com.hp.oval:tst:20080709004"/> <criterion comment="SW-DIST.SD-AGENT is installed" test_ref="oval:com.hp.oval:tst:20080709005"/> </criteria> <criterion comment="Patch PHCO_30006 is installed" test_ref="oval:com.hp.oval:tst:20080709006" negate="true"/> </criteria> <criteria operator="AND" comment="Criteria meets HP Security Bulletin HPSBUX00293"> <criterion comment="HP Release B.11.11" test_ref="oval:org.mitre.oval:tst:3704"/> <criteria operator="OR" comment="filesets tests"> <criterion comment="SW-DIST.SD-CMDS is installed" test_ref="oval:com.hp.oval:tst:20080709004"/> <criterion comment="SW-DIST.SD-AGENT is installed" test_ref="oval:com.hp.oval:tst:20080709005"/> </criteria> <criterion comment="Patch PHCO_28848 is installed" test_ref="oval:com.hp.oval:tst:20080709007" negate="true"/> </criteria> <criteria operator="AND" comment="Criteria meets HP Security Bulletin HPSBUX00293"> <criterion comment="HP Release B.11.00" test_ref="oval:org.mitre.oval:tst:3571"/> <criteria operator="OR" comment="filesets tests"> <criterion comment="SW-DIST.SD-CMDS is installed" test_ref="oval:com.hp.oval:tst:20080709004"/> <criterion comment="SW-DIST.SD-AGENT is installed" test_ref="oval:com.hp.oval:tst:20080709005"/> </criteria> <criterion comment="Patch PHCO_28847 is installed" test_ref="oval:com.hp.oval:tst:20080709008" negate="true"/> </criteria> </criteria> </definition> <definition id="oval:com.hp.oval:def:20080709003" version="0" class="vulnerability"> <metadata> <title>HP-UX running ptrace(2), Local Denial of Service (DoS)</title> <affected family="unix"> <platform>HP-UX 11</platform> </affected> <reference source="CVE" ref_id="CVE-2002-1409" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1409"/> <description>ptrace on HP-UX 11.00 through 11.11 allows local users to cause a denial of service (data page fault panic) via "an incorrect reference to thread register state."</description> <oval_repository> <dates> <submitted date="2008-07-09T16:48:33.000-04:00"> <contributor organization="Hewlett-Packard">Michael Wood</contributor> </submitted> </dates> <status>DRAFT</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND" comment="Criteria meets HP Security Bulletin HPSBUX00206"> <criterion comment="HP Release B.11.11" test_ref="oval:org.mitre.oval:tst:3704"/> <criterion comment="OS-Core.CORE2-KRN is installed" test_ref="oval:com.hp.oval:tst:20080709009"/> <criterion comment="Patch PHKL_27179 is installed" test_ref="oval:com.hp.oval:tst:20080709010" negate="true"/> </criteria> <criteria operator="AND" comment="Criteria meets HP Security Bulletin HPSBUX00206"> <criterion comment="HP Release B.11.04" test_ref="oval:org.mitre.oval:tst:3294"/> <criterion comment="OS-Core.CORE2-KRN is installed" test_ref="oval:com.hp.oval:tst:20080709009"/> <criterion comment="Patch PHKL_27536 is installed" test_ref="oval:com.hp.oval:tst:20080709011" negate="true"/> </criteria> <criteria operator="AND" comment="Criteria meets HP Security Bulletin HPSBUX00206"> <criterion comment="HP Release B.11.00" test_ref="oval:org.mitre.oval:tst:3571"/> <criterion comment="OS-Core.CORE2-KRN is installed" test_ref="oval:com.hp.oval:tst:20080709009"/> <criterion comment="Patch PHKL_27180 is installed" test_ref="oval:com.hp.oval:tst:20080709012" negate="true"/> </criteria> </criteria> </definition> <definition id="oval:com.hp.oval:def:20080709004" version="0" class="vulnerability"> <metadata> <title>HP-UX running xntpd, Remote Denial of Service (DoS)</title> <affected family="unix"> <platform>HP-UX 11</platform> </affected> <reference source="CVE" ref_id="CVE-2002-2262" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2262"/> <description>Unspecified vulnerability in xntpd of HP-UX 10.20 through 11.11 allows remote attackers to cause a denial of service (hang) via unknown attack vectors.</description> <oval_repository> <dates> <submitted date="2008-07-09T16:48:33.000-04:00"> <contributor organization="Hewlett-Packard">Michael Wood</contributor> </submitted> </dates> <status>DRAFT</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND" comment="Criteria meets HP Security Bulletin HPSBUX00232"> <criterion comment="HP Release B.11.04" test_ref="oval:org.mitre.oval:tst:3294"/> <criteria operator="OR" comment="filesets tests"> <criterion comment="InternetSrvcs.INETSVCS-BOOT is installed" test_ref="oval:com.hp.oval:tst:20080709013"/> <criterion comment="InternetSrvcs.INET-ENG-A-MAN is installed" test_ref="oval:com.hp.oval:tst:20080709014"/> </criteria> <criterion comment="Patch PHNE_27442 is installed" test_ref="oval:com.hp.oval:tst:20080709015" negate="true"/> </criteria> <criteria operator="AND" comment="Criteria meets HP Security Bulletin HPSBUX00232"> <criterion comment="HP Release B.11.11" test_ref="oval:org.mitre.oval:tst:3704"/> <criterion comment="InternetSrvcs.INETSVCS-BOOT is installed" test_ref="oval:com.hp.oval:tst:20080709013"/> <criterion comment="Patch PHNE_24512 is installed" test_ref="oval:com.hp.oval:tst:20080709016" negate="true"/> </criteria> <criteria operator="AND" comment="Criteria meets HP Security Bulletin HPSBUX00232"> <criterion comment="HP Release B.11.00" test_ref="oval:org.mitre.oval:tst:3571"/> <criteria operator="OR" comment="filesets tests"> <criterion comment="InternetSrvcs.INETSVCS-BOOT is installed" test_ref="oval:com.hp.oval:tst:20080709013"/> <criterion comment="InternetSrvcs.INET-ENG-A-MAN is installed" test_ref="oval:com.hp.oval:tst:20080709014"/> </criteria> <criterion comment="Patch PHNE_27223 is installed" test_ref="oval:com.hp.oval:tst:20080709017" negate="true"/> </criteria> </criteria> </definition> <definition id="oval:com.hp.oval:def:20080709005" version="0" class="vulnerability"> <metadata> <title>HP-UX Running Advanced Server/9000 for HP-UX (AS/U) RFC-Netbios, Remote Denial of Service (DoS)</title> <affected family="unix"> <platform>HP-UX 11</platform> </affected> <reference source="CVE" ref_id="CVE-2002-2138" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2138"/> <description>RFC-NETBIOS in HP Advanced Server/9000 B.04.05 through B.04.09, when running HP-UX 11.00 or 11.11, allows remote attackers to cause a denial of sevrice (panic) via a malformed UDP packet on port 139.</description> <oval_repository> <dates> <submitted date="2008-07-09T16:48:33.000-04:00"> <contributor organization="Hewlett-Packard">Michael Wood</contributor> </submitted> </dates> <status>DRAFT</status> </oval_repository> </metadata> <criteria operator="AND" comment="Criteria meets Security Bulletin HPSBUX00198"> <criteria operator="OR" comment="platforms"> <criterion comment="HP Release B.11.11" test_ref="oval:org.mitre.oval:tst:3704"/> <criterion comment="HP Release B.11.00" test_ref="oval:org.mitre.oval:tst:3571"/> </criteria> <criterion comment="RFC-NETBIOS.RFC-NETBIOS is installed" test_ref="oval:com.hp.oval:tst:20080709018"/> <criterion comment="Patch PHNE_26988 is installed" test_ref="oval:com.hp.oval:tst:20080709019" negate="true"/> </criteria> </definition> <definition id="oval:com.hp.oval:def:20080709006" version="0" class="vulnerability"> <metadata> <title>HP-UX running LDAP-UX Integration, Remote Increased Privilege</title> <affected family="unix"> <platform>HP-UX 11</platform> </affected> <reference source="CVE" ref_id="CVE-2002-1794" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1794"/> <description>Unknown vulnerability in pam_authz in the LDAP-UX Integration product on HP-UX 11.00 and 11.11 allows remote attackers to execute r-commands with privileges of other users.</description> <oval_repository> <dates> <submitted date="2008-07-09T16:48:33.000-04:00"> <contributor organization="Hewlett-Packard">Michael Wood</contributor> </submitted> </dates> <status>DRAFT</status> </oval_repository> </metadata> <criteria operator="AND" comment="Criteria meets Security Bulletin HPSBUX00221"> <criteria operator="OR" comment="platforms"> <criterion comment="HP Release B.11.00" test_ref="oval:org.mitre.oval:tst:3571"/> <criterion comment="HP Release B.11.11" test_ref="oval:org.mitre.oval:tst:3704"/> </criteria> <criteria operator="OR" comment="filesets tests"> <criterion comment="LdapUxClient.ADMIN-RUN version is less than B.03.01" test_ref="oval:com.hp.oval:tst:20080709020"/> <criterion comment="LdapUxClient.CORE-RUN version is less than B.03.01" test_ref="oval:com.hp.oval:tst:20080709021"/> <criterion comment="LdapUxClient.LDAP-C-SDK version is less than B.03.01" test_ref="oval:com.hp.oval:tst:20080709022"/> <criterion comment="LdapUxClient.LDUX-ENG-A-MAN version is less than B.03.01" test_ref="oval:com.hp.oval:tst:20080709023"/> <criterion comment="LdapUxClient.NATIVELDAP-RUN version is less than B.03.01" test_ref="oval:com.hp.oval:tst:20080709024"/> <criterion comment="LdapUxClient.PAM-AUTHZ-RUN version is less than B.03.01" test_ref="oval:com.hp.oval:tst:20080709025"/> <criterion comment="NisLdapServer.YPLDAP-SERVER version is less than B.03.01" test_ref="oval:com.hp.oval:tst:20080709026"/> </criteria> </criteria> </definition> <definition id="oval:com.hp.oval:def:20080709007" version="0" class="vulnerability"> <metadata> <title>HP-UX running SD, Local Unauthorized Access, Denial of Service (DoS)</title> <affected family="unix"> <platform>HP-UX 11</platform> </affected> <reference source="CVE" ref_id="CVE-2002-0798" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0798"/> <description>Vulnerability in swinstall for HP-UX 11.00 and 11.11 allows local users to view obtain data views for files that cannot be directly read by the user, which reportedly can be used to cause a denial of service.</description> <oval_repository> <dates> <submitted date="2008-07-09T16:48:33.000-04:00"> <contributor organization="Hewlett-Packard">Michael Wood</contributor> </submitted> </dates> <status>DRAFT</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND" comment="Criteria meets HP Security Bulletin HPSBUX00194"> <criterion comment="HP Release B.11.11" test_ref="oval:org.mitre.oval:tst:3704"/> <criteria operator="OR" comment="filesets tests"> <criterion comment="SW-DIST.SD-AGENT is installed" test_ref="oval:com.hp.oval:tst:20080709005"/> <criterion comment="SW-DIST.SD-CMDS is installed" test_ref="oval:com.hp.oval:tst:20080709004"/> <criterion comment="SW-DIST.SD-HELP is installed" test_ref="oval:com.hp.oval:tst:20080709027"/> <criterion comment="SW-DIST.SD-JPN-E-HELP is installed" test_ref="oval:com.hp.oval:tst:20080709028"/> <criterion comment="SW-DIST.SD-JPN-S-HELP is installed" test_ref="oval:com.hp.oval:tst:20080709029"/> </criteria> <criterion comment="Patch PHCO_25887 is installed" test_ref="oval:com.hp.oval:tst:20080709030" negate="true"/> </criteria> <criteria operator="AND" comment="Criteria meets HP Security Bulletin HPSBUX00194"> <criterion comment="HP Release B.11.00" test_ref="oval:org.mitre.oval:tst:3571"/> <criteria operator="OR" comment="filesets tests"> <criterion comment="SW-DIST.SD-JPN-E-MAN is installed" test_ref="oval:com.hp.oval:tst:20080709031"/> <criterion comment="SW-DIST.SD-JPN-S-HELP is installed" test_ref="oval:com.hp.oval:tst:20080709029"/> <criterion comment="SW-DIST.SD-AGENT is installed" test_ref="oval:com.hp.oval:tst:20080709005"/> <criterion comment="SW-DIST.SD-CMDS is installed" test_ref="oval:com.hp.oval:tst:20080709004"/> <criterion comment="SW-DIST.SD-JPN-E-MSG is installed" test_ref="oval:com.hp.oval:tst:20080709032"/> <criterion comment="SW-DIST.SD-JPN-S-MSG is installed" test_ref="oval:com.hp.oval:tst:20080709033"/> <criterion comment="SW-DIST.SD-ENG-A-MAN is installed" test_ref="oval:com.hp.oval:tst:20080709034"/> <criterion comment="SW-DIST.SD-FAL is installed" test_ref="oval:com.hp.oval:tst:20080709035"/> <criterion comment="SW-DIST.SD-JPN-S-MAN is installed" test_ref="oval:com.hp.oval:tst:20080709036"/> <criterion comment="SW-DIST.SD-HELP is installed" test_ref="oval:com.hp.oval:tst:20080709027"/> <criterion comment="SW-DIST.SD-JPN-E-HELP is installed" test_ref="oval:com.hp.oval:tst:20080709028"/> </criteria> <criterion comment="Patch PHCO_25875 is installed" test_ref="oval:com.hp.oval:tst:20080709037" negate="true"/> </criteria> </criteria> </definition> <definition id="oval:com.hp.oval:def:20080709008" version="0" class="vulnerability"> <metadata> <title>HP-UX running ndd(1M), Local Denial of Service (DoS)</title> <affected family="unix"> <platform>HP-UX 11</platform> </affected> <reference source="CVE" ref_id="CVE-2002-0585" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0585"/> <description>Unknown vulnerability in ndd for HP-UX 11.11 with certain TRANSPORT patches allows attackers to cause a denial of service.</description> <oval_repository> <dates> <submitted date="2008-07-09T16:48:34.000-04:00"> <contributor organization="Hewlett-Packard">Michael Wood</contributor> </submitted> </dates> <status>DRAFT</status> </oval_repository> </metadata> <criteria operator="AND" comment="Criteria meets Security Bulletin HPSBUX00192"> <criterion comment="HP Release B.11.11" test_ref="oval:org.mitre.oval:tst:3704"/> <criteria operator="OR" comment="filesets tests"> <criterion comment="Networking.NMS2-KRN is installed" test_ref="oval:com.hp.oval:tst:20080709038"/> <criterion comment="Networking.NMS2-KRN is installed" test_ref="oval:com.hp.oval:tst:20080709038"/> <criterion comment="OS-Core.CORE2-KRN is installed" test_ref="oval:com.hp.oval:tst:20080709009"/> <criterion comment="OS-Core.CORE2-KRN is installed" test_ref="oval:com.hp.oval:tst:20080709009"/> <criterion comment="OS-Core.SYS-ADMIN is installed" test_ref="oval:com.hp.oval:tst:20080709039"/> <criterion comment="Networking.NET-KRN is installed" test_ref="oval:com.hp.oval:tst:20080709040"/> <criterion comment="Networking.NET-PRG is installed" test_ref="oval:com.hp.oval:tst:20080709041"/> <criterion comment="Networking.NET-RUN is installed" test_ref="oval:com.hp.oval:tst:20080709042"/> <criterion comment="Networking.NET-RUN-64 is installed" test_ref="oval:com.hp.oval:tst:20080709043"/> <criterion comment="Networking.NW-ENG-A-MAN is installed" test_ref="oval:com.hp.oval:tst:20080709044"/> <criterion comment="OS-Core.CORE-KRN is installed" test_ref="oval:com.hp.oval:tst:20080709045"/> <criterion comment="OS-Core.SYS-ADMIN is installed" test_ref="oval:com.hp.oval:tst:20080709039"/> <criterion comment="ProgSupport.C-INC is installed" test_ref="oval:com.hp.oval:tst:20080709046"/> <criterion comment="Networking.NET2-KRN is installed" test_ref="oval:com.hp.oval:tst:20080709047"/> <criterion comment="Networking.NET2-KRN is installed" test_ref="oval:com.hp.oval:tst:20080709047"/> </criteria> <criterion comment="Patch PHNE_25644 is installed" test_ref="oval:com.hp.oval:tst:20080709048" negate="true"/> </criteria> </definition> <definition id="oval:com.hp.oval:def:20080709009" version="0" class="vulnerability"> <metadata> <title>HP-UX passwd(1), Local Denial of Service (DoS)</title> <affected family="unix"> <platform>HP-UX 11</platform> </affected> <reference source="CVE" ref_id="CVE-2002-0577" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0577"/> <description>Vulnerability in passwd for HP-UX 11.00 and 11.11 allows local users to corrupt the password file and cause a denial of service.</description> <oval_repository> <dates> <submitted date="2008-07-09T16:48:34.000-04:00"> <contributor organization="Hewlett-Packard">Michael Wood</contributor> </submitted> </dates> <status>DRAFT</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND" comment="Criteria meets HP Security Bulletin HPSBUX00191"> <criterion comment="HP Release B.11.04" test_ref="oval:org.mitre.oval:tst:3294"/> <criterion comment="OS-Core.CORE-SHLIBS is installed" test_ref="oval:com.hp.oval:tst:20080709049"/> <criterion comment="Patch PHCO_26904 is installed" test_ref="oval:com.hp.oval:tst:20080709050" negate="true"/> </criteria> <criteria operator="AND" comment="Criteria meets HP Security Bulletin HPSBUX00191"> <criterion comment="HP Release B.11.11" test_ref="oval:org.mitre.oval:tst:3704"/> <criterion comment="OS-Core.CORE-SHLIBS is installed" test_ref="oval:com.hp.oval:tst:20080709049"/> <criterion comment="Patch PHCO_24839 is installed" test_ref="oval:com.hp.oval:tst:20080709051" negate="true"/> </criteria> <criteria operator="AND" comment="Criteria meets HP Security Bulletin HPSBUX00191"> <criterion comment="HP Release B.11.00" test_ref="oval:org.mitre.oval:tst:3571"/> <criterion comment="OS-Core.CORE-SHLIBS is installed" test_ref="oval:com.hp.oval:tst:20080709049"/> <criterion comment="Patch PHCO_25527 is installed" test_ref="oval:com.hp.oval:tst:20080709052" negate="true"/> </criteria> </criteria> </definition> <definition id="oval:com.hp.oval:def:20080709010" version="0" class="vulnerability"> <metadata> <title>HP-UX, Local Denial of Service (DoS)</title> <affected family="unix"> <platform>HP-UX 11</platform> </affected> <reference source="CVE" ref_id="CVE-2002-0279" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0279"/> <description>The kernel in HP-UX 11.11 does not properly provide arguments for setrlimit, which could allow local attackers to cause a denial of service (kernel panic) and possibly gain privileges.</description> <oval_repository> <dates> <submitted date="2008-07-09T16:48:34.000-04:00"> <contributor organization="Hewlett-Packard">Michael Wood</contributor> </submitted> </dates> <status>DRAFT</status> </oval_repository> </metadata> <criteria operator="AND" comment="Criteria meets Security Bulletin HPSBUX00183"> <criterion comment="HP Release B.11.11" test_ref="oval:org.mitre.oval:tst:3704"/> <criterion comment="OS-Core.CORE2-KRN is installed" test_ref="oval:com.hp.oval:tst:20080709009"/> <criterion comment="Patch PHKL_26233 is installed" test_ref="oval:com.hp.oval:tst:20080709053" negate="true"/> </criteria> </definition> <definition id="oval:com.hp.oval:def:20080709011" version="0" class="vulnerability"> <metadata> <title>HP-UX Running setrlimit(1M), Denial of Service (DoS)</title> <affected family="unix"> <platform>HP-UX 11</platform> </affected> <reference source="CVE" ref_id="CVE-2001-1564" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1564"/> <description>setrlimit in HP-UX 10.01, 10.10, 10.24, 10.20, 11.00, 11.04 and 11.11 does not properly enforce core file size on processes after setuid or setgid privileges are dropeed, which could allow local users to cause a denial of service by exhausting available disk space.</description> <oval_repository> <dates> <submitted date="2008-07-09T16:48:34.000-04:00"> <contributor organization="Hewlett-Packard">Michael Wood</contributor> </submitted> </dates> <status>DRAFT</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND" comment="Criteria meets HP Security Bulletin HPSBUX00156 "> <criterion comment="HP Release B.11.04" test_ref="oval:org.mitre.oval:tst:3294"/> <criterion comment="setrlimit(1M) is installed" test_ref="oval:com.hp.oval:tst:20080709054"/> <criterion comment="Patch PHKL_23886 is installed" test_ref="oval:com.hp.oval:tst:20080709055" negate="true"/> </criteria> <criteria operator="AND" comment="Criteria meets HP Security Bulletin HPSBUX00156 "> <criterion comment="HP Release B.11.11" test_ref="oval:org.mitre.oval:tst:3704"/> <criterion comment="setrlimit(1M) is installed" test_ref="oval:com.hp.oval:tst:20080709054"/> <criterion comment="Patch PHKL_23423 is installed" test_ref="oval:com.hp.oval:tst:20080709056" negate="true"/> </criteria> <criteria operator="AND" comment="Criteria meets HP Security Bulletin HPSBUX00156 "> <criterion comment="HP Release B.11.00" test_ref="oval:org.mitre.oval:tst:3571"/> <criterion comment="setrlimit(1M) is installed" test_ref="oval:com.hp.oval:tst:20080709054"/> <criterion comment="Patch PHKL_23628 is installed" test_ref="oval:com.hp.oval:tst:20080709057" negate="true"/> </criteria> </criteria> </definition> <definition id="oval:com.hp.oval:def:20080709012" version="0" class="vulnerability"> <metadata> <title>HP-UX CIFS Server (Samba) Local Unauthorized Access, Elevated Privileges</title> <affected family="unix"> <platform>HP-UX 11</platform> </affected> <reference source="CVE" ref_id="CVE-2001-0809" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0809"/> <description>Vulnerability in CIFS/9000 Server (SAMBA) A.01.06 and earlier in HP-UX 11.0 and 11.11, when configured as a print server, allows local users to overwrite arbitrary files by modifying certain resources.</description> <oval_repository> <dates> <submitted date="2008-07-09T16:48:34.000-04:00"> <contributor organization="Hewlett-Packard">Michael Wood</contributor> </submitted> </dates> <status>DRAFT</status> </oval_repository> </metadata> <criteria operator="AND" comment="Criteria meets Security Bulletin HPSBUX02155"> <criteria operator="OR" comment="platforms"> <criterion comment="HP Release B.11.11" test_ref="oval:org.mitre.oval:tst:3704"/> <criterion comment="HP Release B.11.23" test_ref="oval:org.mitre.oval:tst:3901"/> </criteria> <criteria operator="OR" comment="filesets tests"> <criterion comment="CIFS-Server.CIFS-RUN version is less than A.02.03" test_ref="oval:com.hp.oval:tst:20080709058"/> <criterion comment="CIFS-Server.CIFS-UTIL version is less than A.02.03" test_ref="oval:com.hp.oval:tst:20080709059"/> <criterion comment="CIFS-Server.CIFS-ADMIN version is less than A.02.03" test_ref="oval:com.hp.oval:tst:20080709060"/> <criterion comment="CIFS-Server.CIFS-LIB version is less than A.02.03" test_ref="oval:com.hp.oval:tst:20080709061"/> </criteria> </criteria> </definition> <definition id="oval:com.hp.oval:def:20080709013" version="0" class="vulnerability"> <metadata> <title>HP-UX Running rpcbind Software, Denial of Service (DoS)</title> <affected family="unix"> <platform>HP-UX 11</platform> </affected> <reference source="CVE" ref_id="CVE-2001-1124" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1124"/> <description>rpcbind in HP-UX 11.00, 11.04 and 11.11 allows remote attackers to cause a denial of service (core dump) via a malformed RPC portmap requests, possibly related to a buffer overflow.</description> <oval_repository> <dates> <submitted date="2008-07-09T16:48:34.000-04:00"> <contributor organization="Hewlett-Packard">Michael Wood</contributor> </submitted> </dates> <status>DRAFT</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND" comment="Criteria meets HP Security Bulletin HPSBUX00169"> <criterion comment="HP Release B.11.04" test_ref="oval:org.mitre.oval:tst:3294"/> <criterion comment="rpcbind is installed" test_ref="oval:com.hp.oval:tst:20080709062"/> <criterion comment="Patch PHNE_25077 is installed" test_ref="oval:com.hp.oval:tst:20080709063" negate="true"/> </criteria> <criteria operator="AND" comment="Criteria meets HP Security Bulletin HPSBUX00169"> <criterion comment="HP Release B.11.11" test_ref="oval:org.mitre.oval:tst:3704"/> <criterion comment="rpcbind is installed" test_ref="oval:com.hp.oval:tst:20080709062"/> <criterion comment="Patch PHNE_24035 is installed" test_ref="oval:com.hp.oval:tst:20080709064" negate="true"/> </criteria> <criteria operator="AND" comment="Criteria meets HP Security Bulletin HPSBUX00169"> <criterion comment="HP Release B.11.00" test_ref="oval:org.mitre.oval:tst:3571"/> <criterion comment="rpcbind is installed" test_ref="oval:com.hp.oval:tst:20080709062"/> <criterion comment="Patch PHNE_24034 is installed" test_ref="oval:com.hp.oval:tst:20080709065" negate="true"/> </criteria> </criteria> </definition> <definition id="oval:com.hp.oval:def:20080709014" version="0" class="vulnerability"> <metadata> <title>HP-UX running rlpdaemon, Remote Unauthorized Access, Increased Privilege</title> <affected family="unix"> <platform>HP-UX 11</platform> </affected> <reference source="CVE" ref_id="CVE-2001-0668" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0668"/> <description>Buffer overflow in line printer daemon (rlpdaemon) in HP-UX 10.01 through 11.11 allows remote attackers to execute arbitrary commands.</description> <oval_repository> <dates> <submitted date="2008-07-09T16:48:34.000-04:00"> <contributor organization="Hewlett-Packard">Michael Wood</contributor> </submitted> </dates> <status>DRAFT</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND" comment="Criteria meets HP Security Bulletin HPSBUX00163"> <criterion comment="HP-UX B.11.20" test_ref="oval:com.hp.oval:tst:20080709066"/> <criterion comment="PrinterMgmt.LP-SPOOL is installed" test_ref="oval:com.hp.oval:tst:20080709067"/> <criterion comment="Patch PHCO_24868 is installed" test_ref="oval:com.hp.oval:tst:20080709068" negate="true"/> </criteria> <criteria operator="AND" comment="Criteria meets HP Security Bulletin HPSBUX00163"> <criterion comment="HP Release B.11.11" test_ref="oval:org.mitre.oval:tst:3704"/> <criterion comment="PrinterMgmt.LP-SPOOL is installed" test_ref="oval:com.hp.oval:tst:20080709067"/> <criterion comment="Patch PHCO_24701 is installed" test_ref="oval:com.hp.oval:tst:20080709069" negate="true"/> </criteria> <criteria operator="AND" comment="Criteria meets HP Security Bulletin HPSBUX00163"> <criterion comment="HP Release B.11.00" test_ref="oval:org.mitre.oval:tst:3571"/> <criterion comment="PrinterMgmt.LP-SPOOL is installed" test_ref="oval:com.hp.oval:tst:20080709067"/> <criterion comment="Patch PHCO_24700 is installed" test_ref="oval:com.hp.oval:tst:20080709070" negate="true"/> </criteria> </criteria> </definition> </definitions> <tests> <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="PartitionManager.PARMGR-RUN version is less than B.11.23.02.00" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709001"> <object object_ref="oval:com.hp.oval:obj:20080709001"/> <state state_ref="oval:com.hp.oval:ste:20080709001"/> </swlist_test> <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="PartitionManager.PARMGR-HELP version is less than B.11.23.02.00" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709002"> <object object_ref="oval:com.hp.oval:obj:20080709002"/> <state state_ref="oval:com.hp.oval:ste:20080709001"/> </swlist_test> <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="PartitionManager.PARMGR-MAN version is less than B.11.23.02.00" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709003"> <object object_ref="oval:com.hp.oval:obj:20080709003"/> <state state_ref="oval:com.hp.oval:ste:20080709001"/> </swlist_test> <uname_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" id="oval:org.mitre.oval:tst:3901" version="1" comment="HP Release B.11.23" check_existence="at_least_one_exists" check="all"> <object object_ref="oval:org.mitre.oval:obj:2759"/> <state state_ref="oval:org.mitre.oval:ste:3324"/> </uname_test> <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="SW-DIST.SD-CMDS is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709004"> <object object_ref="oval:com.hp.oval:obj:20080709004"/> </swlist_test> <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="SW-DIST.SD-AGENT is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709005"> <object object_ref="oval:com.hp.oval:obj:20080709005"/> </swlist_test> <patch53_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="Patch PHCO_30006 is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709006"> <object object_ref="oval:com.hp.oval:obj:20080709006"/> </patch53_test> <patch53_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="Patch PHCO_28848 is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709007"> <object object_ref="oval:com.hp.oval:obj:20080709007"/> </patch53_test> <patch53_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="Patch PHCO_28847 is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709008"> <object object_ref="oval:com.hp.oval:obj:20080709008"/> </patch53_test> <uname_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" id="oval:org.mitre.oval:tst:3294" version="1" comment="HP Release B.11.04" check_existence="at_least_one_exists" check="all"> <object object_ref="oval:org.mitre.oval:obj:2759"/> <state state_ref="oval:org.mitre.oval:ste:3271"/> </uname_test> <uname_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" id="oval:org.mitre.oval:tst:3571" version="1" comment="HP Release B.11.00" check_existence="at_least_one_exists" check="all"> <object object_ref="oval:org.mitre.oval:obj:2759"/> <state state_ref="oval:org.mitre.oval:ste:3813"/> </uname_test> <uname_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" id="oval:org.mitre.oval:tst:3704" version="1" comment="HP Release B.11.11" check_existence="at_least_one_exists" check="all"> <object object_ref="oval:org.mitre.oval:obj:2759"/> <state state_ref="oval:org.mitre.oval:ste:3389"/> </uname_test> <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="OS-Core.CORE2-KRN is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709009"> <object object_ref="oval:com.hp.oval:obj:20080709009"/> </swlist_test> <patch53_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="Patch PHKL_27179 is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709010"> <object object_ref="oval:com.hp.oval:obj:20080709010"/> </patch53_test> <patch53_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="Patch PHKL_27536 is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709011"> <object object_ref="oval:com.hp.oval:obj:20080709011"/> </patch53_test> <patch53_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="Patch PHKL_27180 is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709012"> <object object_ref="oval:com.hp.oval:obj:20080709012"/> </patch53_test> <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="InternetSrvcs.INETSVCS-BOOT is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709013"> <object object_ref="oval:com.hp.oval:obj:20080709013"/> </swlist_test> <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="InternetSrvcs.INET-ENG-A-MAN is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709014"> <object object_ref="oval:com.hp.oval:obj:20080709014"/> </swlist_test> <patch53_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="Patch PHNE_27442 is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709015"> <object object_ref="oval:com.hp.oval:obj:20080709015"/> </patch53_test> <patch53_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="Patch PHNE_24512 is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709016"> <object object_ref="oval:com.hp.oval:obj:20080709016"/> </patch53_test> <patch53_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="Patch PHNE_27223 is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709017"> <object object_ref="oval:com.hp.oval:obj:20080709017"/> </patch53_test> <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="RFC-NETBIOS.RFC-NETBIOS is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709018"> <object object_ref="oval:com.hp.oval:obj:20080709018"/> </swlist_test> <patch53_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="Patch PHNE_26988 is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709019"> <object object_ref="oval:com.hp.oval:obj:20080709019"/> </patch53_test> <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="LdapUxClient.ADMIN-RUN version is less than B.03.01" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709020"> <object object_ref="oval:com.hp.oval:obj:20080709020"/> <state state_ref="oval:com.hp.oval:ste:20080709002"/> </swlist_test> <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="LdapUxClient.CORE-RUN version is less than B.03.01" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709021"> <object object_ref="oval:com.hp.oval:obj:20080709021"/> <state state_ref="oval:com.hp.oval:ste:20080709002"/> </swlist_test> <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="LdapUxClient.LDAP-C-SDK version is less than B.03.01" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709022"> <object object_ref="oval:com.hp.oval:obj:20080709022"/> <state state_ref="oval:com.hp.oval:ste:20080709002"/> </swlist_test> <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="LdapUxClient.LDUX-ENG-A-MAN version is less than B.03.01" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709023"> <object object_ref="oval:com.hp.oval:obj:20080709023"/> <state state_ref="oval:com.hp.oval:ste:20080709002"/> </swlist_test> <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="LdapUxClient.NATIVELDAP-RUN version is less than B.03.01" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709024"> <object object_ref="oval:com.hp.oval:obj:20080709024"/> <state state_ref="oval:com.hp.oval:ste:20080709002"/> </swlist_test> <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="LdapUxClient.PAM-AUTHZ-RUN version is less than B.03.01" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709025"> <object object_ref="oval:com.hp.oval:obj:20080709025"/> <state state_ref="oval:com.hp.oval:ste:20080709002"/> </swlist_test> <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="NisLdapServer.YPLDAP-SERVER version is less than B.03.01" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709026"> <object object_ref="oval:com.hp.oval:obj:20080709026"/> <state state_ref="oval:com.hp.oval:ste:20080709002"/> </swlist_test> <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="SW-DIST.SD-HELP is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709027"> <object object_ref="oval:com.hp.oval:obj:20080709027"/> </swlist_test> <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="SW-DIST.SD-JPN-E-HELP is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709028"> <object object_ref="oval:com.hp.oval:obj:20080709028"/> </swlist_test> <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="SW-DIST.SD-JPN-S-HELP is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709029"> <object object_ref="oval:com.hp.oval:obj:20080709029"/> </swlist_test> <patch53_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="Patch PHCO_25887 is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709030"> <object object_ref="oval:com.hp.oval:obj:20080709030"/> </patch53_test> <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="SW-DIST.SD-JPN-E-MAN is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709031"> <object object_ref="oval:com.hp.oval:obj:20080709031"/> </swlist_test> <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="SW-DIST.SD-JPN-E-MSG is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709032"> <object object_ref="oval:com.hp.oval:obj:20080709032"/> </swlist_test> <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="SW-DIST.SD-JPN-S-MSG is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709033"> <object object_ref="oval:com.hp.oval:obj:20080709033"/> </swlist_test> <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="SW-DIST.SD-ENG-A-MAN is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709034"> <object object_ref="oval:com.hp.oval:obj:20080709034"/> </swlist_test> <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="SW-DIST.SD-FAL is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709035"> <object object_ref="oval:com.hp.oval:obj:20080709035"/> </swlist_test> <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="SW-DIST.SD-JPN-S-MAN is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709036"> <object object_ref="oval:com.hp.oval:obj:20080709036"/> </swlist_test> <patch53_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="Patch PHCO_25875 is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709037"> <object object_ref="oval:com.hp.oval:obj:20080709037"/> </patch53_test> <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="Networking.NMS2-KRN is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709038"> <object object_ref="oval:com.hp.oval:obj:20080709038"/> </swlist_test> <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="OS-Core.SYS-ADMIN is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709039"> <object object_ref="oval:com.hp.oval:obj:20080709039"/> </swlist_test> <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="Networking.NET-KRN is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709040"> <object object_ref="oval:com.hp.oval:obj:20080709040"/> </swlist_test> <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="Networking.NET-PRG is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709041"> <object object_ref="oval:com.hp.oval:obj:20080709041"/> </swlist_test> <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="Networking.NET-RUN is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709042"> <object object_ref="oval:com.hp.oval:obj:20080709042"/> </swlist_test> <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="Networking.NET-RUN-64 is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709043"> <object object_ref="oval:com.hp.oval:obj:20080709043"/> </swlist_test> <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="Networking.NW-ENG-A-MAN is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709044"> <object object_ref="oval:com.hp.oval:obj:20080709044"/> </swlist_test> <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="OS-Core.CORE-KRN is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709045"> <object object_ref="oval:com.hp.oval:obj:20080709045"/> </swlist_test> <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="ProgSupport.C-INC is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709046"> <object object_ref="oval:com.hp.oval:obj:20080709046"/> </swlist_test> <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="Networking.NET2-KRN is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709047"> <object object_ref="oval:com.hp.oval:obj:20080709047"/> </swlist_test> <patch53_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="Patch PHNE_25644 is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709048"> <object object_ref="oval:com.hp.oval:obj:20080709048"/> </patch53_test> <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="OS-Core.CORE-SHLIBS is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709049"> <object object_ref="oval:com.hp.oval:obj:20080709049"/> </swlist_test> <patch53_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="Patch PHCO_26904 is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709050"> <object object_ref="oval:com.hp.oval:obj:20080709050"/> </patch53_test> <patch53_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="Patch PHCO_24839 is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709051"> <object object_ref="oval:com.hp.oval:obj:20080709051"/> </patch53_test> <patch53_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="Patch PHCO_25527 is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709052"> <object object_ref="oval:com.hp.oval:obj:20080709052"/> </patch53_test> <patch53_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="Patch PHKL_26233 is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709053"> <object object_ref="oval:com.hp.oval:obj:20080709053"/> </patch53_test> <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="setrlimit(1M) is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709054"> <object object_ref="oval:com.hp.oval:obj:20080709054"/> </swlist_test> <patch53_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="Patch PHKL_23886 is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709055"> <object object_ref="oval:com.hp.oval:obj:20080709055"/> </patch53_test> <patch53_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="Patch PHKL_23423 is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709056"> <object object_ref="oval:com.hp.oval:obj:20080709056"/> </patch53_test> <patch53_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="Patch PHKL_23628 is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709057"> <object object_ref="oval:com.hp.oval:obj:20080709057"/> </patch53_test> <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="CIFS-Server.CIFS-RUN version is less than A.02.03" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709058"> <object object_ref="oval:com.hp.oval:obj:20080709058"/> <state state_ref="oval:com.hp.oval:ste:20080709003"/> </swlist_test> <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="CIFS-Server.CIFS-UTIL version is less than A.02.03" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709059"> <object object_ref="oval:com.hp.oval:obj:20080709059"/> <state state_ref="oval:com.hp.oval:ste:20080709003"/> </swlist_test> <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="CIFS-Server.CIFS-ADMIN version is less than A.02.03" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709060"> <object object_ref="oval:com.hp.oval:obj:20080709060"/> <state state_ref="oval:com.hp.oval:ste:20080709003"/> </swlist_test> <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="CIFS-Server.CIFS-LIB version is less than A.02.03" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709061"> <object object_ref="oval:com.hp.oval:obj:20080709061"/> <state state_ref="oval:com.hp.oval:ste:20080709003"/> </swlist_test> <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="rpcbind is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709062"> <object object_ref="oval:com.hp.oval:obj:20080709062"/> </swlist_test> <patch53_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="Patch PHNE_25077 is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709063"> <object object_ref="oval:com.hp.oval:obj:20080709063"/> </patch53_test> <patch53_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="Patch PHNE_24035 is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709064"> <object object_ref="oval:com.hp.oval:obj:20080709064"/> </patch53_test> <patch53_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="Patch PHNE_24034 is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709065"> <object object_ref="oval:com.hp.oval:obj:20080709065"/> </patch53_test> <uname_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" check_existence="at_least_one_exists" comment="HP-UX B.11.20" check="all" version="1" id="oval:com.hp.oval:tst:20080709066"> <object object_ref="oval:org.mitre.oval:obj:2759"/> <state state_ref="oval:com.hp.oval:ste:20080709004"/> </uname_test> <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="PrinterMgmt.LP-SPOOL is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709067"> <object object_ref="oval:com.hp.oval:obj:20080709066"/> </swlist_test> <patch53_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="Patch PHCO_24868 is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709068"> <object object_ref="oval:com.hp.oval:obj:20080709067"/> </patch53_test> <patch53_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="Patch PHCO_24701 is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709069"> <object object_ref="oval:com.hp.oval:obj:20080709068"/> </patch53_test> <patch53_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="Patch PHCO_24700 is installed" check="at least one" version="1" id="oval:com.hp.oval:tst:20080709070"> <object object_ref="oval:com.hp.oval:obj:20080709069"/> </patch53_test> </tests> <objects> <swlist_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.oval:obj:20080709001"> <swlist>PartitionManager.PARMGR-RUN</swlist> </swlist_object> <swlist_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.oval:obj:20080709002"> <swlist>PartitionManager.PARMGR-HELP</swlist> </swlist_object> <swlist_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.oval:obj:20080709003"> <swlist>PartitionManager.PARMGR-MAN</swlist> </swlist_object> <uname_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" id="oval:org.mitre.oval:obj:2759" version="1" comment="The single uname object."/> <swlist_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.oval:obj:20080709004"> <swlist>SW-DIST.SD-CMDS</swlist> </swlist_object> <swlist_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.oval:obj:20080709005"> <swlist>SW-DIST.SD-AGENT</swlist> </swlist_object> <patch53_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.oval:obj:20080709006"> <behaviors supersedence="true"/> <swtype>PH</swtype> <area_patched>CO</area_patched> <patch_base>30006</patch_base> </patch53_object> <patch53_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.oval:obj:20080709007"> <behaviors supersedence="true"/> <swtype>PH</swtype> <area_patched>CO</area_patched> <patch_base>28848</patch_base> </patch53_object> <patch53_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.oval:obj:20080709008"> <behaviors supersedence="true"/> <swtype>PH</swtype> <area_patched>CO</area_patched> <patch_base>28847</patch_base> </patch53_object> <swlist_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.oval:obj:20080709009"> <swlist>OS-Core.CORE2-KRN</swlist> </swlist_object> <patch53_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.oval:obj:20080709010"> <behaviors supersedence="true"/> <swtype>PH</swtype> <area_patched>KL</area_patched> <patch_base>27179</patch_base> </patch53_object> <patch53_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.oval:obj:20080709011"> <behaviors supersedence="true"/> <swtype>PH</swtype> <area_patched>KL</area_patched> <patch_base>27536</patch_base> </patch53_object> <patch53_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.oval:obj:20080709012"> <behaviors supersedence="true"/> <swtype>PH</swtype> <area_patched>KL</area_patched> <patch_base>27180</patch_base> </patch53_object> <swlist_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.oval:obj:20080709013"> <swlist>InternetSrvcs.INETSVCS-BOOT</swlist> </swlist_object> <swlist_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.oval:obj:20080709014"> <swlist>InternetSrvcs.INET-ENG-A-MAN</swlist> </swlist_object> <patch53_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.oval:obj:20080709015"> <behaviors supersedence="true"/> <swtype>PH</swtype> <area_patched>NE</area_patched> <patch_base>27442</patch_base> </patch53_object> <patch53_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.oval:obj:20080709016"> <behaviors supersedence="true"/> <swtype>PH</swtype> <area_patched>NE</area_patched> <patch_base>24512</patch_base> </patch53_object> <patch53_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.oval:obj:20080709017"> <behaviors supersedence="true"/> <swtype>PH</swtype> <area_patched>NE</area_patched> <patch_base>27223</patch_base> </patch53_object> <swlist_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.oval:obj:20080709018"> <swlist>RFC-NETBIOS.RFC-NETBIOS</swlist> </swlist_object> <patch53_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.oval:obj:20080709019"> <behaviors supersedence="true"/> <swtype>PH</swtype> <area_patched>NE</area_patched> <patch_base>26988</patch_base> </patch53_object> <swlist_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.oval:obj:20080709020"> <swlist>LdapUxClient.ADMIN-RUN</swlist> </swlist_object> <swlist_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.oval:obj:20080709021"> <swlist>LdapUxClient.CORE-RUN</swlist> </swlist_object> <swlist_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.oval:obj:20080709022"> <swlist>LdapUxClient.LDAP-C-SDK</swlist> </swlist_object> <swlist_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.oval:obj:20080709023"> <swlist>LdapUxClient.LDUX-ENG-A-MAN</swlist> </swlist_object> <swlist_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.oval:obj:20080709024"> <swlist>LdapUxClient.NATIVELDAP-RUN</swlist> </swlist_object> <swlist_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.oval:obj:20080709025"> <swlist>LdapUxClient.PAM-AUTHZ-RUN</swlist> </swlist_object> <swlist_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.oval:obj:20080709026"> <swlist>NisLdapServer.YPLDAP-SERVER</swlist> </swlist_object> <swlist_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.oval:obj:20080709027"> <swlist>SW-DIST.SD-HELP</swlist> </swlist_object> <swlist_object xmlns=" | |||||||||||||||
