New OVAL for Solaris and AIX
|
|
Peng, Pai
|
Some javascript/style in this post has been disabled (why?)
We’d like to submit 5 OVAL definitions. Four of them cover
CVE-2008-0964,
CVE-2008-0965,
CVE-2008-3549,
and CVE-2008-0509.
One inventory definition is for cpe:/o:ibm:aix:4.3. Thanks, Pai <?xml version="1.0" encoding="UTF-8"?> <oval_definitions xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:oval1="http://oval.mitre.org/XMLSchema/oval-definitions-5" xsi:schemaLocation="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux linux-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#unix unix-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#windows windows-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#independent independent-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5 oval-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#solaris solaris-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-common-5 oval-common-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux hpux-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#aix aix-definitions-schema.xsd"> <generator> <oval:product_name>Hewlett-Packard Live Network</oval:product_name> <oval:schema_version>5.4</oval:schema_version> <oval:timestamp>2008-08-12T19:50:06.000-00:00</oval:timestamp> </generator> <definitions> <definition id="oval:com.hp.oval:def:1" version="0" class="vulnerability"> <metadata> <title>Security Vulnerability in Solaris snoop(1M) when Displaying SMB Traffic</title> <affected family="unix"> <platform>Sun Solaris 8</platform> <platform>Sun Solaris 9</platform> <platform>Sun Solaris 10</platform> </affected> <reference source="CVE" ref_id="CVE-2008-0964" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0964"/> <description>Unspecified vulnerability in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allows remote attackers to execute arbitrary code via a crafted SMB packet, a different vulnerability than CVE-2008-0965.</description> <oval_repository> <dates> <submitted date="2008-08-11T12:08:06.000-04:00"> <contributor organization="Hewlett-Packard">Pai Peng</contributor> </submitted> </dates> <status>DRAFT</status> </oval_repository> </metadata> <criteria operator="OR" comment="Software Section"> <criteria operator="AND" comment="Solaris 10 (SPARC) meets Sun Alert 240101" negate="false"> <extend_definition comment="Solaris 10 (SPARC) is installed" definition_ref="oval:org.mitre.oval:def:1440"/> <criterion comment="Patch 138083-01 or later installed" test_ref="oval:com.hp.oval:tst:1" negate="true"/> </criteria> <criteria operator="AND" comment="Solaris 9 (SPARC) meets Sun Alert 240101" negate="false"> <extend_definition comment="Solaris 9 (SPARC) is installed" definition_ref="oval:org.mitre.oval:def:1457"/> <criterion comment="Patch 112915-05 or later installed" test_ref="oval:com.hp.oval:tst:2" negate="true"/> </criteria> <criteria operator="AND" comment="Solaris 8 (SPARC) meets Sun Alert 240101" negate="false"> <extend_definition comment="Solaris 8 (SPARC) is installed" definition_ref="oval:org.mitre.oval:def:1539"/> <criterion comment="Patch 108964-11 or later installed" test_ref="oval:com.hp.oval:tst:3" negate="true"/> </criteria> <criteria operator="AND" comment="Solaris 10 (x86) meets Sun Alert 240101" negate="false"> <extend_definition comment="Solaris 10 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1926"/> <criterion comment="Patch 138084-01 or later installed" test_ref="oval:com.hp.oval:tst:4" negate="true"/> </criteria> <criteria operator="AND" comment="Solaris 9 (x86) meets Sun Alert 240101" negate="false"> <extend_definition comment="Solaris 9 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1683"/> <criterion comment="Patch 114262-04 or later installed" test_ref="oval:com.hp.oval:tst:5" negate="true"/> </criteria> <criteria operator="AND" comment="Solaris 8 (x86) meets Sun Alert 240101" negate="false"> <extend_definition comment="Solaris 8 (x86) is installed" definition_ref="oval:org.mitre.oval:def:2059"/> <criterion comment="Patch 108965-11 or later installed" test_ref="oval:com.hp.oval:tst:6" negate="true"/> </criteria> </criteria> </definition> <definition id="oval:com.hp.oval:def:2" version="0" class="vulnerability"> <metadata> <title>Security Vulnerability in Solaris snoop(1M) when Displaying SMB Traffic</title> <affected family="unix"> <platform>Sun Solaris 8</platform> <platform>Sun Solaris 9</platform> <platform>Sun Solaris 10</platform> </affected> <reference source="CVE" ref_id="CVE-2008-0965" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0965"/> <description>Unspecified vulnerability in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allows remote attackers to execute arbitrary code via a crafted SMB packet, a different vulnerability than CVE-2008-0964.</description> <oval_repository> <dates> <submitted date="2008-08-11T12:08:06.000-04:00"> <contributor organization="Hewlett-Packard">Pai Peng</contributor> </submitted> </dates> <status>DRAFT</status> </oval_repository> </metadata> <criteria operator="OR" comment="Software Section"> <criteria operator="AND" comment="Solaris 10 (SPARC) meets Sun Alert 240101" negate="false"> <extend_definition comment="Solaris 10 (SPARC) is installed" definition_ref="oval:org.mitre.oval:def:1440"/> <criterion comment="Patch 138083-01 or later installed" test_ref="oval:com.hp.oval:tst:1" negate="true"/> </criteria> <criteria operator="AND" comment="Solaris 9 (SPARC) meets Sun Alert 240101" negate="false"> <extend_definition comment="Solaris 9 (SPARC) is installed" definition_ref="oval:org.mitre.oval:def:1457"/> <criterion comment="Patch 112915-05 or later installed" test_ref="oval:com.hp.oval:tst:2" negate="true"/> </criteria> <criteria operator="AND" comment="Solaris 8 (SPARC) meets Sun Alert 240101" negate="false"> <extend_definition comment="Solaris 8 (SPARC) is installed" definition_ref="oval:org.mitre.oval:def:1539"/> <criterion comment="Patch 108964-11 or later installed" test_ref="oval:com.hp.oval:tst:3" negate="true"/> </criteria> <criteria operator="AND" comment="Solaris 10 (x86) meets Sun Alert 240101" negate="false"> <extend_definition comment="Solaris 10 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1926"/> <criterion comment="Patch 138084-01 or later installed" test_ref="oval:com.hp.oval:tst:4" negate="true"/> </criteria> <criteria operator="AND" comment="Solaris 9 (x86) meets Sun Alert 240101" negate="false"> <extend_definition comment="Solaris 9 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1683"/> <criterion comment="Patch 114262-04 or later installed" test_ref="oval:com.hp.oval:tst:5" negate="true"/> </criteria> <criteria operator="AND" comment="Solaris 8 (x86) meets Sun Alert 240101" negate="false"> <extend_definition comment="Solaris 8 (x86) is installed" definition_ref="oval:org.mitre.oval:def:2059"/> <criterion comment="Patch 108965-11 or later installed" test_ref="oval:com.hp.oval:tst:6" negate="true"/> </criteria> </criteria> </definition> <definition id="oval:com.hp.oval:def:3" version="0" class="vulnerability"> <metadata> <title>Security Vulnerabilities in the Solaris Priority Inherited pthread mutex API May Result in a Denial of Service (DoS) Condition</title> <affected family="unix"> <platform>Sun Solaris 10</platform> </affected> <reference source="CVE" ref_id="CVE-2008-3549" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3549"/> <description>Unspecified vulnerability in the pthread_mutex_reltimedlock_np API in Sun Solaris 10 and OpenSolaris before snv_90 allows local users to cause a denial of service (system hang or panic) via unknown vectors.</description> <oval_repository> <dates> <submitted date="2008-08-11T17:42:55.000-04:00"> <contributor organization="Hewlett-Packard">Pai Peng</contributor> </submitted> </dates> <status>DRAFT</status> </oval_repository> </metadata> <criteria operator="OR" comment="Software Section"> <criteria operator="AND" comment="Solaris 10 (SPARC) meets Sun Alert 239387" negate="false"> <extend_definition comment="Solaris 10 (SPARC) is installed" definition_ref="oval:org.mitre.oval:def:1440"/> <criterion comment="Patch 137111-04 or later installed" test_ref="oval:com.hp.oval:tst:7" negate="true"/> <criterion comment="deadman feature is enabled (kernel variable 'snooping' has a value of one)" test_ref="oval:com.hp.oval:tst:9" negate="false"/> </criteria> <criteria operator="AND" comment="Solaris 10 (x86) meets Sun Alert 239387" negate="false"> <extend_definition comment="Solaris 10 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1926"/> <criterion comment="Patch 137112-04 or later installed" test_ref="oval:com.hp.oval:tst:8" negate="true"/> <criterion comment="deadman feature is enabled (kernel variable 'snooping' has a value of one)" test_ref="oval:com.hp.oval:tst:9" negate="false"/> </criteria> </criteria> </definition> <definition id="oval:com.hp.oval:def:4" version="0" class="inventory"> <metadata> <title>IBM AIX 4.3 is installed</title> <affected family="unix"> <platform>IBM AIX 4.3</platform> </affected> <reference source="CPE" ref_id="cpe:/o:ibm:aix:4.3"/> <description>The operating system installed on the system is IBM AIX 4.3.</description> <oval_repository> <dates> <submitted date="2008-08-11T12:00:00.000-04:00"> <contributor organization="Hewlett-Packard">Yuzheng Zhou</contributor> </submitted> </dates> <status>DRAFT</status> </oval_repository> </metadata> <criteria> <criterion comment="IBM AIX version is greater than or equal 4.3.0.0" test_ref="oval:com.hp.oval:tst:10" negate="false"/> <criterion comment="IBM AIX version is less than 5.0.0.0" test_ref="oval:com.hp.oval:tst:11" negate="false"/> </criteria> </definition> <definition id="oval:com.hp.oval:def:5" version="0" class="vulnerability"> <metadata> <title>IBM AIX 'piox25.c/piox25remote.sh' Local Buffer Overflow Vulnerability</title> <affected family="unix"> <platform>IBM AIX 4.3</platform> </affected> <reference source="CVE" ref_id="CVE-2008-0509" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0509"/> <description>Multiple buffer overflows in IBM AIX 4.3 allow remote attackers to cause a denial of service (crash) or possibly gain privileges via a long argument to (1) piox25, related to piox25.c; or (2) piox25remote, related to piox25remote.sh.</description> <oval_repository> <dates> <submitted date="2008-08-11T15:10:44.000-05:00"> <contributor organization="Hewlett-Packard">Yuzheng Zhou</contributor> </submitted> </dates> <status>DRAFT</status> </oval_repository> </metadata> <criteria operator="OR" comment="Software Section"> <extend_definition comment="IBM AIX 4.3 is installed" definition_ref="oval:com.hp.oval:def:4"/> <criterion comment="All filesets for APAR IZ13739 are installed" test_ref="oval:com.hp.oval:tst:12" negate="true"/> </criteria> </definition> <definition id="oval:org.mitre.oval:def:1440" version="1" class="inventory"> <metadata> <title>Solaris 10 (SPARC) is installed</title> <affected family="unix"> <platform>Sun Solaris 10</platform> </affected> <reference source="CPE" ref_id="cpe:/o:sun:sunos:5.10::sparc"/> <description>The operating system installed on the system is Sun Solaris 10 for SPARC.</description> <oval_repository> <dates> <submitted date="2007-06-15T12:00:00.000-04:00"> <contributor organization="The MITRE Corporation">Jonathan Baker</contributor> </submitted> <status_change date="2007-06-15T12:20:00.000-04:00">DRAFT</status_change> <status_change date="2007-07-03T21:53:52.343-04:00">INTERIM</status_change> <status_change date="2007-07-18T15:57:49.640-04:00">ACCEPTED</status_change> </dates> <status>ACCEPTED</status> </oval_repository> </metadata> <criteria> <criterion comment="Solaris 10 Installed" test_ref="oval:org.mitre.oval:tst:3680"/> <criterion comment="sparc architecture" test_ref="oval:org.mitre.oval:tst:3237"/> </criteria> </definition> <definition id="oval:org.mitre.oval:def:1457" version="1" class="inventory"> <metadata> <title>Solaris 9 (SPARC) is installed</title> <affected family="unix"> <platform>Sun Solaris 9</platform> </affected> <reference source="CPE" ref_id="cpe:/o:sun:sunos:5.9::sparc"/> <description>The operating system installed on the system is Sun Solaris 9 for SPARC.</description> <oval_repository> <dates> <submitted date="2007-06-22T08:00:00.000-04:00"> <contributor organization="The MITRE Corporation">Jonathan Baker</contributor> </submitted> <status_change date="2007-06-22T08:20:00.000-04:00">DRAFT</status_change> <status_change date="2007-07-10T21:08:48.350-04:00">INTERIM</status_change> <status_change date="2007-08-01T22:26:14.151-04:00">ACCEPTED</status_change> </dates> <status>ACCEPTED</status> </oval_repository> </metadata> <criteria> <criterion comment="Solaris 9 Installed" test_ref="oval:org.mitre.oval:tst:3172"/> <criterion comment="sparc architecture" test_ref="oval:org.mitre.oval:tst:3237"/> </criteria> </definition> <definition id="oval:org.mitre.oval:def:1539" version="1" class="inventory"> <metadata> <title>Solaris 8 (SPARC) is installed</title> <affected family="unix"> <platform>Sun Solaris 8</platform> </affected> <reference source="CPE" ref_id="cpe:/o:sun:sunos:5.8::sparc"/> <description>The operating system installed on the system is Sun Solaris 8 for SPARC.</description> <oval_repository> <dates> <submitted date="2007-06-22T08:00:00.000-04:00"> <contributor organization="The MITRE Corporation">Jonathan Baker</contributor> </submitted> <status_change date="2007-06-22T08:20:00.000-04:00">DRAFT</status_change> <status_change date="2007-07-10T21:08:48.692-04:00">INTERIM</status_change> <status_change date="2007-08-01T22:26:14.211-04:00">ACCEPTED</status_change> </dates> <status>ACCEPTED</status> </oval_repository> </metadata> <criteria> <criterion comment="Solaris 8 Installed" test_ref="oval:org.mitre.oval:tst:3437"/> <criterion comment="sparc architecture" test_ref="oval:org.mitre.oval:tst:3237"/> </criteria> </definition> <definition id="oval:org.mitre.oval:def:1683" version="1" class="inventory"> <metadata> <title>Solaris 9 (x86) is installed</title> <affected family="unix"> <platform>Sun Solaris 9</platform> </affected> <reference source="CPE" ref_id="cpe:/o:sun:sunos:5.9::ix86"/> <description>The operating system installed on the system is Sun Solaris 9 for x86.</description> <oval_repository> <dates> <submitted date="2007-06-22T08:00:00.000-04:00"> <contributor organization="The MITRE Corporation">Jonathan Baker</contributor> </submitted> <status_change date="2007-06-22T08:20:00.000-04:00">DRAFT</status_change> <status_change date="2007-07-10T21:08:49.960-04:00">INTERIM</status_change> <status_change date="2007-08-01T22:26:14.277-04:00">ACCEPTED</status_change> </dates> <status>ACCEPTED</status> </oval_repository> </metadata> <criteria> <criterion comment="Solaris 9 Installed" test_ref="oval:org.mitre.oval:tst:3172"/> <criterion comment="ix86 architecture" test_ref="oval:org.mitre.oval:tst:3912"/> </criteria> </definition> <definition id="oval:org.mitre.oval:def:1926" version="1" class="inventory"> <metadata> <title>Solaris 10 (x86) is installed</title> <affected family="unix"> <platform>Sun Solaris 10</platform> </affected> <reference source="CPE" ref_id="cpe:/o:sun:sunos:5.10::ix86"/> <description>The operating system installed on the system is Sun Solaris 10 for x86.</description> <oval_repository> <dates> <submitted date="2007-06-15T12:00:00.000-04:00"> <contributor organization="The MITRE Corporation">Jonathan Baker</contributor> </submitted> <status_change date="2007-06-15T12:20:00.000-04:00">DRAFT</status_change> <status_change date="2007-07-03T21:53:53.007-04:00">INTERIM</status_change> <status_change date="2007-07-18T15:57:51.357-04:00">ACCEPTED</status_change> </dates> <status>ACCEPTED</status> </oval_repository> </metadata> <criteria> <criterion comment="Solaris 10 Installed" test_ref="oval:org.mitre.oval:tst:3680"/> <criterion comment="ix86 architecture" test_ref="oval:org.mitre.oval:tst:3912"/> </criteria> </definition> <definition id="oval:org.mitre.oval:def:2059" version="1" class="inventory"> <metadata> <title>Solaris 8 (x86) is installed</title> <affected family="unix"> <platform>Sun Solaris 8</platform> </affected> <reference source="CPE" ref_id="cpe:/o:sun:sunos:5.8::ix86"/> <description>The operating system installed on the system is Sun Solaris 8 for x86.</description> <oval_repository> <dates> <submitted date="2007-06-22T08:00:00.000-04:00"> <contributor organization="The MITRE Corporation">Jonathan Baker</contributor> </submitted> <status_change date="2007-06-22T08:20:00.000-04:00">DRAFT</status_change> <status_change date="2007-07-10T21:08:51.544-04:00">INTERIM</status_change> <status_change date="2007-08-01T22:26:15.624-04:00">ACCEPTED</status_change> </dates> <status>ACCEPTED</status> </oval_repository> </metadata> <criteria> <criterion comment="Solaris 8 Installed" test_ref="oval:org.mitre.oval:tst:3437"/> <criterion comment="ix86 architecture" test_ref="oval:org.mitre.oval:tst:3912"/> </criteria> </definition> </definitions> <tests> <patch_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#solaris" check_existence="at_least_one_exists" comment="Patch 138083-01 or later installed" check="at least one" version="1" id="oval:com.hp.oval:tst:1"> <object object_ref="oval:com.hp.oval:obj:1"/> <state state_ref="oval:com.hp.oval:ste:1"/> </patch_test> <patch_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#solaris" check_existence="at_least_one_exists" comment="Patch 112915-05 or later installed" check="at least one" version="1" id="oval:com.hp.oval:tst:2"> <object object_ref="oval:com.hp.oval:obj:2"/> <state state_ref="oval:com.hp.oval:ste:2"/> </patch_test> <patch_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#solaris" check_existence="at_least_one_exists" comment="Patch 108964-11 or later installed" check="at least one" version="1" id="oval:com.hp.oval:tst:3"> <object object_ref="oval:com.hp.oval:obj:3"/> <state state_ref="oval:com.hp.oval:ste:3"/> </patch_test> <patch_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#solaris" check_existence="at_least_one_exists" comment="Patch 138084-01 or later installed" check="at least one" version="1" id="oval:com.hp.oval:tst:4"> <object object_ref="oval:com.hp.oval:obj:4"/> <state state_ref="oval:com.hp.oval:ste:1"/> </patch_test> <patch_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#solaris" check_existence="at_least_one_exists" comment="Patch 114262-04 or later installed" check="at least one" version="1" id="oval:com.hp.oval:tst:5"> <object object_ref="oval:com.hp.oval:obj:5"/> <state state_ref="oval:com.hp.oval:ste:4"/> </patch_test> <patch_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#solaris" check_existence="at_least_one_exists" comment="Patch 108965-11 or later installed" check="at least one" version="1" id="oval:com.hp.oval:tst:6"> <object object_ref="oval:com.hp.oval:obj:6"/> <state state_ref="oval:com.hp.oval:ste:3"/> </patch_test> <patch_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#solaris" check_existence="at_least_one_exists" comment="Patch 137111-04 or later installed" check="at least one" version="1" id="oval:com.hp.oval:tst:7"> <object object_ref="oval:com.hp.oval:obj:7"/> <state state_ref="oval:com.hp.oval:ste:5"/> </patch_test> <patch_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#solaris" check_existence="at_least_one_exists" comment="Patch 137112-04 or later installed" check="at least one" version="1" id="oval:com.hp.oval:tst:8"> <object object_ref="oval:com.hp.oval:obj:8"/> <state state_ref="oval:com.hp.oval:ste:5"/> </patch_test> <textfilecontent_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" check_existence="at_least_one_exists" comment="deadman feature is enabled (kernel variable 'snooping' has a value of one)" check="at least one" version="1" id="oval:com.hp.oval:tst:9"> <object object_ref="oval:com.hp.oval:obj:9"/> </textfilecontent_test> <oslevel_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#aix" check_existence="at_least_one_exists" comment="IBM AIX version is greater than or equal 4.3.0.0" check="at least one" version="1" id="oval:com.hp.oval:tst:10"> <object object_ref="oval:com.hp.oval:obj:10"/> <state state_ref="oval:com.hp.oval:ste:6"/> </oslevel_test> <oslevel_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#aix" check_existence="at_least_one_exists" comment="IBM AIX version is less than 5.0.0.0" check="at least one" version="1" id="oval:com.hp.oval:tst:11"> <object object_ref="oval:com.hp.oval:obj:10"/> <state state_ref="oval:com.hp.oval:ste:7"/> </oslevel_test> <fix_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#aix" check_existence="at_least_one_exists" comment="All filesets for APAR IZ13739 are installed" check="at least one" version="1" id="oval:com.hp.oval:tst:12"> <object object_ref="oval:com.hp.oval:obj:11"/> <state state_ref="oval:com.hp.oval:ste:8"/> </fix_test> <uname_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" id="oval:org.mitre.oval:tst:3172" version="1" comment="Solaris 9 Installed" check_existence="at_least_one_exists" check="at least one"> <object object_ref="oval:org.mitre.oval:obj:2759"/> <state state_ref="oval:org.mitre.oval:ste:3891"/> </uname_test> <uname_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" id="oval:org.mitre.oval:tst:3237" version="1" comment="sparc architecture" check_existence="at_least_one_exists" check="at least one"> <object object_ref="oval:org.mitre.oval:obj:2759"/> <state state_ref="oval:org.mitre.oval:ste:3478"/> </uname_test> <uname_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" id="oval:org.mitre.oval:tst:3437" version="1" comment="Solaris 8 Installed" check_existence="at_least_one_exists" check="at least one"> <object object_ref="oval:org.mitre.oval:obj:2759"/> <state state_ref="oval:org.mitre.oval:ste:3700"/> </uname_test> <uname_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" id="oval:org.mitre.oval:tst:3680" version="1" comment="Solaris 10 Installed" check_existence="at_least_one_exists" check="at least one"> <object object_ref="oval:org.mitre.oval:obj:2759"/> <state state_ref="oval:org.mitre.oval:ste:3597"/> </uname_test> <uname_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" id="oval:org.mitre.oval:tst:3912" version="1" comment="ix86 architecture" check_existence="at_least_one_exists" check="at least one"> <object object_ref="oval:org.mitre.oval:obj:2759"/> <state state_ref="oval:org.mitre.oval:ste:3443"/> </uname_test> </tests> <objects> <patch_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#solaris" version="1" id="oval:com.hp.oval:obj:1"> <base datatype="int">138083</base> </patch_object> <patch_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#solaris" version="1" id="oval:com.hp.oval:obj:2"> <base datatype="int">112915</base> </patch_object> <patch_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#solaris" version="1" id="oval:com.hp.oval:obj:3"> <base datatype="int">108964</base> </patch_object> <patch_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#solaris" version="1" id="oval:com.hp.oval:obj:4"> <base datatype="int">138084</base> </patch_object> <patch_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#solaris" version="1" id="oval:com.hp.oval:obj:5"> <base datatype="int">114262</base> </patch_object> <patch_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#solaris" version="1" id="oval:com.hp.oval:obj:6"> <base datatype="int">108965</base> </patch_object> <patch_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#solaris" version="1" id="oval:com.hp.oval:obj:7"> <base datatype="int">137111</base> </patch_object> <patch_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#solaris" version="1" id="oval:com.hp.oval:obj:8"> <base datatype="int">137112</base> </patch_object> <textfilecontent_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" version="1" id="oval:com.hp.oval:obj:9"> <path operation="equals">/etc</path> <filename>system</filename> <line operation="pattern match">set\s+snooping\s*=\s*1\s</line> </textfilecontent_object> <oslevel_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#aix" id="oval:com.hp.oval:obj:10" version="1" comment="The single oslevel object."/> <fix_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#aix" version="1" id="oval:com.hp.oval:obj:11"> <apar_number datatype="string">IZ13739</apar_number> </fix_object> <uname_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" id="oval:org.mitre.oval:obj:2759" version="1" comment="The single uname object."/> </objects> <states> <patch_state xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#solaris" operator="AND" version="1" id="oval:com.hp.oval:ste:1"> <version operation="greater than or equal" datatype="int">01</version> </patch_state> <patch_state xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#solaris" operator="AND" version="1" id="oval:com.hp.oval:ste:2"> <version operation="greater than or equal" datatype="int">05</version> </patch_state> <patch_state xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#solaris" operator="AND" version="1" id="oval:com.hp.oval:ste:3"> <version operation="greater than or equal" datatype="int">11</version> </patch_state> <patch_state xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#solaris" operator="AND" version="1" id="oval:com.hp.oval:ste:4"> <version operation="greater than or equal" datatype="int">04</version> </patch_state> <patch_state xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#solaris" operator="AND" version="1" id="oval:com.hp.oval:ste:5"> <version operation="greater than or equal" datatype="int">04</version> </patch_state> <oslevel_state xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#aix" operator="AND" version="1" id="oval:com.hp.oval:ste:6"> <maintenance_level operation="greater than or equal" datatype="version">4300-00</maintenance_level> </oslevel_state> <oslevel_state xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#aix" operator="AND" version="1" id="oval:com.hp.oval:ste:7"> <maintenance_level operation="less than" datatype="version">5000-00</maintenance_level> </oslevel_state> <fix_state xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#aix" operator="AND" version="1" id="oval:com.hp.oval:ste:8"> <installation_status operation="equals">ALL_INSTALLED</installation_status> </fix_state> <uname_state xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" id="oval:org.mitre.oval:ste:3443" version="1" comment="processor type is ix86"> <processor_type operation="pattern match">^i.*86</processor_type> </uname_state> <uname_state xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" id="oval:org.mitre.oval:ste:3478" version="1" comment="processor type is SPARC"> <processor_type operation="pattern match">[Ss][Pp][Aa][Rr][Cc]</processor_type> </uname_state> <uname_state xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" id="oval:org.mitre.oval:ste:3597" version="1"> <os_release>5.10</os_release> </uname_state> <uname_state xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" id="oval:org.mitre.oval:ste:3700" version="1" comment="os release is 5.8"> <os_release>5.8</os_release> </uname_state> <uname_state xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" id="oval:org.mitre.oval:ste:3891" version="1" comment="os release is 5.9"> <os_release>5.9</os_release> </uname_state> </states> </oval_definitions> |
Worrell, Bryan A.
|
Pai,
Thank you for your submission to the OVAL Repository. Your submission has been processed and is available for further community review via the OVAL Repository website. Thanks, Bryan Worrell __ Bryan Worrell The MITRE Corporation bworrell@... >-----Original Message----- >From: Peng, Pai [mailto:pai.peng@...] >Sent: Tuesday, August 12, 2008 4:08 PM >To: oval-discussion-list OVAL Discussion List/Closed Public Discussi >Subject: [OVAL-DISCUSSION-LIST] New OVAL for Solaris and AIX > >We'd like to submit 5 OVAL definitions. Four of them cover CVE-2008-0964 ><http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0964> , CVE-2008-0965 ><http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0965> , CVE-2008-3549 ><http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3549> , and CVE-2008-0509 ><http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0509> . One inventory >definition is for cpe:/o:ibm:aix:4.3. > > > >Thanks, > >Pai > > > > > >To unsubscribe, send an email message to LISTSERV@... with >SIGNOFF OVAL-DISCUSSION-LIST in the BODY of the message. If you have >difficulties, write to OVAL-DISCUSSION-LIST-request@.... To unsubscribe, send an email message to LISTSERV@... with SIGNOFF OVAL-DISCUSSION-LIST in the BODY of the message. If you have difficulties, write to OVAL-DISCUSSION-LIST-request@.... |
||||||||||||||||||
| Free Forum Powered by Nabble | Forum Help |