Making Security Measurable
 › 
OVAL
 › 
OVAL Repository Forum

New VMware ESX OVAL

1 Message Forum Options Options
Embed this topic
Permalink
Zhou, Yuzheng
New VMware ESX OVAL
Reply Threaded MoreMore options
Print post
Permalink
We have generated 1 new OVAL to cover the vulnerability described in CVE-2007-1270. It uses the newly introduced VMware ESX schema. Let me know if there is any issue with it.

Thanks,
Yuzheng Zhou


To unsubscribe, send an email message to LISTSERV@... with
SIGNOFF OVAL-DISCUSSION-LIST
in the BODY of the message.  If you have difficulties, write to OVAL-DISCUSSION-LIST-request@....

<?xml version="1.0" encoding="UTF-8"?>
<oval_definitions xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:esx-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#esx" xmlns:unix-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" xsi:schemaLocation="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix unix-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5 oval-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#esx esx-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-common-5 oval-common-schema.xsd">
  <generator>
    <oval:product_name>Hewlett-Packard</oval:product_name>
    <oval:schema_version>5.4</oval:schema_version>
    <oval:timestamp>2008-04-10T15:10:44.000-05:00</oval:timestamp>
  </generator>
  <definitions>
    <definition id="oval:com.hp.oval:def:20080303001" version="0" class="vulnerability">
      <metadata>
        <title>VMware ESX server double free vulnerability may let remote users execute arbitrary code</title>
        <affected family="unix">
          <platform>VMWare ESX Server 3</platform>
        </affected>
        <reference source="CVE" ref_id="CVE-2007-1270" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1270"/>
        <description>Double free vulnerability in VMware ESX Server 3.0.0 and 3.0.1 allows attackers to cause a denial of service (crash), obtain sensitive information, or possibly execute arbitrary code via unspecified vectors.</description>
        <oval_repository>
          <dates>
            <submitted date="2008-04-10T15:10:44.000-05:00">
              <contributor organization="Hewlett-Packard">Yuzheng Zhou</contributor>
            </submitted>
          </dates>
          <status>DRAFT</status>
        </oval_repository>
      </metadata>
      <criteria operator="OR" comment="Software Section">
        <criteria operator="AND" comment="VMWare ESX Server 3.0.1 meets CVE-2007-1270" negate="false">
          <extend_definition comment="VMWare ESX Server 3.0.1 is installed" definition_ref="oval:com.hp.oval:def:9004"/>
          <criterion comment="Patch ESX-6431040 is not installed" test_ref="oval:com.hp.oval:tst:20080303001" negate="false"/>
        </criteria>
        <criteria operator="AND" comment="VMWare ESX Server 3.0.0 meets CVE-2007-1270" negate="false">
          <extend_definition comment="VMWare ESX Server 3.0.0 is installed" definition_ref="oval:com.hp.oval:def:9005"/>
          <criterion comment="Patch ESX-5754280 is not installed" test_ref="oval:com.hp.oval:tst:20080303002" negate="false"/>
        </criteria>
      </criteria>
    </definition>
    <definition id="oval:com.hp.oval:def:9004" version="0" class="inventory">
      <metadata>
        <title>VMWare ESX Server 3.0.1 is installed</title>
        <affected family="unix">
          <platform>VMWare ESX Server 3</platform>
        </affected>
        <reference source="CPE" ref_id="cpe:/o:vmware:esx:3.0.1"/>
        <description>The operating system installed on the system is VMWare ESX Server 3.0.1.</description>
        <oval_repository>
          <dates>
            <submitted date="2008-04-10T15:10:44.000-05:00">
              <contributor organization="Hewlett-Packard">Yuzheng Zhou</contributor>
            </submitted>
          </dates>
          <status>DRAFT</status>
        </oval_repository>
      </metadata>
      <criteria>
        <criterion comment="VMWare ESX Server 3.0.1 is installed" test_ref="oval:com.hp.oval:tst:9007" negate="false"/>
      </criteria>
    </definition>
    <definition id="oval:com.hp.oval:def:9005" version="0" class="inventory">
      <metadata>
        <title>VMWare ESX Server 3.0.0 is installed</title>
        <affected family="unix">
          <platform>VMWare ESX Server 3</platform>
        </affected>
        <reference source="CPE" ref_id="cpe:/o:vmware:esx:3.0.0"/>
        <description>The operating system installed on the system is VMWare ESX Server 3.0.0.</description>
        <oval_repository>
          <dates>
            <submitted date="2008-04-10T15:10:44.000-05:00">
              <contributor organization="Hewlett-Packard">Yuzheng Zhou</contributor>
            </submitted>
          </dates>
          <status>DRAFT</status>
        </oval_repository>
      </metadata>
      <criteria>
        <criterion comment="VMWare ESX Server 3.0.0 is installed" test_ref="oval:com.hp.oval:tst:9008" negate="false"/>
      </criteria>
    </definition>
  </definitions>
  <tests>
    <version_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#esx" check_existence="at_least_one_exists" comment="VMWare ESX Server 3.0.1 is installed" check="at least one" version="0" id="oval:com.hp.oval:tst:9007">
      <object object_ref="oval:com.hp.oval:obj:9002"/>
      <state state_ref="oval:com.hp.oval:ste:9007"/>
    </version_test>
    <version_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#esx" check_existence="at_least_one_exists" comment="VMWare ESX Server 3.0.0 is installed" check="at least one" version="0" id="oval:com.hp.oval:tst:9008">
      <object object_ref="oval:com.hp.oval:obj:9002"/>
      <state state_ref="oval:com.hp.oval:ste:9008"/>
    </version_test>
    <patch_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#esx" check_existence="none_exist" comment="Patch ESX-6431040 is not installed" check="none satisfy" version="0" id="oval:com.hp.oval:tst:20080303001">
      <object object_ref="oval:com.hp.oval:obj:20080303001"/>
    </patch_test>
    <patch_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#esx" check_existence="none_exist" comment="Patch ESX-5754280 is not installed" check="none satisfy" version="0" id="oval:com.hp.oval:tst:20080303002">
      <object object_ref="oval:com.hp.oval:obj:20080303002"/>
    </patch_test>
  </tests>
  <objects>
    <version_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#esx" id="oval:com.hp.oval:obj:9002" version="0" comment="The single version object."/>
    <patch_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#esx" version="0" id="oval:com.hp.oval:obj:20080303001">
      <patch_number datatype="int">6431040</patch_number>
    </patch_object>
    <patch_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#esx" version="0" id="oval:com.hp.oval:obj:20080303002">
      <patch_number datatype="int">5754280</patch_number>
    </patch_object>
  </objects>
  <states>
    <version_state xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#esx" operator="AND" version="0" id="oval:com.hp.oval:ste:9007">
      <release operation="equals" datatype="string">3.0.1</release>
    </version_state>
    <version_state xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#esx" operator="AND" version="0" id="oval:com.hp.oval:ste:9008">
      <release operation="equals" datatype="string">3.0.0</release>
    </version_state>
  </states>
</oval_definitions>
Free Forum Powered by Nabble Forum Help