Making Security Measurable
 › 
OVAL
 › 
OVAL Repository Forum

New hp-ux 11 OVALs

6 Messages Forum Options Options
Embed this topic
Permalink
Wood, Michael
New hp-ux 11 OVALs
Reply Threaded MoreMore options
Print post
Permalink
Here are some new HP-UX OVALs we would like to submit.  HP-UX-12.xml contains

oval:com.hp.temp.oval:def:20080828001   CVE-2007-4465
oval:com.hp.temp.oval:def:20080828002   CVE-2008-2168
oval:com.hp.temp.oval:def:20080828003   CVE-2008-2364

Thanks,

Michael Wood
HEWLETT-PACKARD

To unsubscribe, send an email message to LISTSERV@... with
SIGNOFF OVAL-DISCUSSION-LIST
in the BODY of the message.  If you have difficulties, write to OVAL-DISCUSSION-LIST-request@....

<?xml version="1.0" encoding="UTF-8"?>
<oval_definitions xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:unix-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" xmlns:hpux-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" xsi:schemaLocation="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix unix-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5 oval-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-common-5 oval-common-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux hpux-definitions-schema.xsd">
  <generator>
    <oval:product_name>Hewlett-Packard</oval:product_name>
    <oval:schema_version>5.4</oval:schema_version>
    <oval:timestamp>2008-08-28T13:04:06.000-04:00</oval:timestamp>
  </generator>
  <definitions>
    <definition id="oval:com.hp.temp.oval:def:20080828001" version="0" class="vulnerability">
      <metadata>
        <title>HP-UX Running Apache, Remote Cross Site Scripting (XSS) or Denial of Service (DoS)</title>
        <affected family="unix">
          <platform>HP-UX 11</platform>
        </affected>
        <reference source="CVE" ref_id="CVE-2007-4465" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4465"/>
        <description>A potential security vulnerability has been identified with HP-UX running Apache. These vulnerabilities could be exploited remotely resulting in Cross Site Scripting (XSS) or Denial of Service (DoS).</description>
        <oval_repository>
          <dates>
            <submitted date="2008-08-28T13:04:06.000-04:00">
              <contributor organization="Hewlett-Packard">Michael Wood</contributor>
            </submitted>
          </dates>
          <status>DRAFT</status>
        </oval_repository>
      </metadata>
      <criteria operator="OR">
        <criteria operator="AND" comment="Criteria meets HP Security Bulletin HPSBUX02365">
          <criterion comment="HP Release B.11.11" test_ref="oval:org.mitre.oval:tst:3704"/>
          <criteria operator="OR" comment="filesets tests">
            <criterion comment="hpuxwsAPACHE.PHP version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828001"/>
            <criterion comment="hpuxwsAPACHE.PHP2 version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828002"/>
            <criterion comment="hpuxwsAPACHE.APACHE version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828003"/>
            <criterion comment="hpuxwsAPACHE.APACHE2 version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828004"/>
            <criterion comment="hpuxwsAPACHE.AUTH_LDAP version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828005"/>
            <criterion comment="hpuxwsAPACHE.AUTH_LDAP2 version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828006"/>
            <criterion comment="hpuxwsAPACHE.MOD_JK version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828007"/>
            <criterion comment="hpuxwsAPACHE.MOD_JK2 version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828008"/>
            <criterion comment="hpuxwsAPACHE.WEBPROXY version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828009"/>
            <criterion comment="hpuxwsAPACHE.MOD_PERL version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828010"/>
            <criterion comment="hpuxwsAPACHE.MOD_PERL2 version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828011"/>
          </criteria>
        </criteria>
        <criteria operator="AND" comment="Criteria meets HP Security Bulletin HPSBUX02365">
          <criteria operator="OR" comment="platforms">
            <criterion comment="HP-UX B.11.31" test_ref="oval:org.mitre.oval:tst:8260"/>
            <criterion comment="HP Release B.11.23" test_ref="oval:org.mitre.oval:tst:3901"/>
          </criteria>
          <criteria operator="OR" comment="filesets tests">
            <criterion comment="hpuxwsAPCH32.PHP version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828012"/>
            <criterion comment="hpuxwsAPACHE.APACHE2 version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828004"/>
            <criterion comment="hpuxwsAPCH32.PHP2 version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828013"/>
            <criterion comment="hpuxwsAPACHE.AUTH_LDAP version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828005"/>
            <criterion comment="hpuxwsAPACHE.AUTH_LDAP2 version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828006"/>
            <criterion comment="hpuxwsAPACHE.MOD_JK version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828007"/>
            <criterion comment="hpuxwsAPCH32.APACHE version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828014"/>
            <criterion comment="hpuxwsAPCH32.APACHE2 version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828015"/>
            <criterion comment="hpuxwsAPACHE.MOD_JK2 version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828008"/>
            <criterion comment="hpuxwsAPACHE.MOD_PERL version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828010"/>
            <criterion comment="hpuxwsAPCH32.AUTH_LDAP version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828016"/>
            <criterion comment="hpuxwsAPCH32.AUTH_LDAP2 version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828017"/>
            <criterion comment="hpuxwsAPACHE.MOD_PERL2 version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828011"/>
            <criterion comment="hpuxwsAPCH32.MOD_JK version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828018"/>
            <criterion comment="hpuxwsAPACHE.PHP version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828001"/>
            <criterion comment="hpuxwsAPCH32.MOD_JK2 version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828019"/>
            <criterion comment="hpuxwsAPACHE.PHP2 version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828002"/>
            <criterion comment="hpuxwsAPACHE.WEBPROXY version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828009"/>
            <criterion comment="hpuxwsAPCH32.MOD_PERL version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828020"/>
            <criterion comment="hpuxwsAPCH32.WEBPROXY version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828021"/>
            <criterion comment="hpuxwsAPCH32.MOD_PERL2 version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828022"/>
            <criterion comment="hpuxwsAPACHE.APACHE version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828003"/>
          </criteria>
        </criteria>
      </criteria>
    </definition>
    <definition id="oval:com.hp.temp.oval:def:20080828002" version="0" class="vulnerability">
      <metadata>
        <title>HP-UX Running Apache, Remote Cross Site Scripting (XSS) or Denial of Service (DoS)</title>
        <affected family="unix">
          <platform>HP-UX 11</platform>
        </affected>
        <reference source="CVE" ref_id="CVE-2008-2168" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2168"/>
        <description>A potential security vulnerability has been identified with HP-UX running Apache. These vulnerabilities could be exploited remotely resulting in Cross Site Scripting (XSS) or Denial of Service (DoS).</description>
        <oval_repository>
          <dates>
            <submitted date="2008-08-28T13:04:06.000-04:00">
              <contributor organization="Hewlett-Packard">Michael Wood</contributor>
            </submitted>
          </dates>
          <status>DRAFT</status>
        </oval_repository>
      </metadata>
      <criteria operator="OR">
        <criteria operator="AND" comment="Criteria meets HP Security Bulletin HPSBUX02365">
          <criterion comment="HP Release B.11.11" test_ref="oval:org.mitre.oval:tst:3704"/>
          <criteria operator="OR" comment="filesets tests">
            <criterion comment="hpuxwsAPACHE.PHP version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828001"/>
            <criterion comment="hpuxwsAPACHE.PHP2 version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828002"/>
            <criterion comment="hpuxwsAPACHE.APACHE version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828003"/>
            <criterion comment="hpuxwsAPACHE.APACHE2 version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828004"/>
            <criterion comment="hpuxwsAPACHE.AUTH_LDAP version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828005"/>
            <criterion comment="hpuxwsAPACHE.AUTH_LDAP2 version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828006"/>
            <criterion comment="hpuxwsAPACHE.MOD_JK version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828007"/>
            <criterion comment="hpuxwsAPACHE.MOD_JK2 version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828008"/>
            <criterion comment="hpuxwsAPACHE.WEBPROXY version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828009"/>
            <criterion comment="hpuxwsAPACHE.MOD_PERL version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828010"/>
            <criterion comment="hpuxwsAPACHE.MOD_PERL2 version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828011"/>
          </criteria>
        </criteria>
        <criteria operator="AND" comment="Criteria meets HP Security Bulletin HPSBUX02365">
          <criteria operator="OR" comment="platforms">
            <criterion comment="HP-UX B.11.31" test_ref="oval:org.mitre.oval:tst:8260"/>
            <criterion comment="HP Release B.11.23" test_ref="oval:org.mitre.oval:tst:3901"/>
          </criteria>
          <criteria operator="OR" comment="filesets tests">
            <criterion comment="hpuxwsAPCH32.PHP version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828012"/>
            <criterion comment="hpuxwsAPACHE.APACHE2 version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828004"/>
            <criterion comment="hpuxwsAPCH32.PHP2 version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828013"/>
            <criterion comment="hpuxwsAPACHE.AUTH_LDAP version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828005"/>
            <criterion comment="hpuxwsAPACHE.AUTH_LDAP2 version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828006"/>
            <criterion comment="hpuxwsAPACHE.MOD_JK version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828007"/>
            <criterion comment="hpuxwsAPCH32.APACHE version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828014"/>
            <criterion comment="hpuxwsAPCH32.APACHE2 version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828015"/>
            <criterion comment="hpuxwsAPACHE.MOD_JK2 version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828008"/>
            <criterion comment="hpuxwsAPACHE.MOD_PERL version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828010"/>
            <criterion comment="hpuxwsAPCH32.AUTH_LDAP version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828016"/>
            <criterion comment="hpuxwsAPCH32.AUTH_LDAP2 version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828017"/>
            <criterion comment="hpuxwsAPACHE.MOD_PERL2 version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828011"/>
            <criterion comment="hpuxwsAPCH32.MOD_JK version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828018"/>
            <criterion comment="hpuxwsAPACHE.PHP version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828001"/>
            <criterion comment="hpuxwsAPCH32.MOD_JK2 version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828019"/>
            <criterion comment="hpuxwsAPACHE.PHP2 version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828002"/>
            <criterion comment="hpuxwsAPACHE.WEBPROXY version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828009"/>
            <criterion comment="hpuxwsAPCH32.MOD_PERL version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828020"/>
            <criterion comment="hpuxwsAPCH32.WEBPROXY version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828021"/>
            <criterion comment="hpuxwsAPCH32.MOD_PERL2 version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828022"/>
            <criterion comment="hpuxwsAPACHE.APACHE version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828003"/>
          </criteria>
        </criteria>
      </criteria>
    </definition>
    <definition id="oval:com.hp.temp.oval:def:20080828003" version="0" class="vulnerability">
      <metadata>
        <title>HP-UX Running Apache, Remote Cross Site Scripting (XSS) or Denial of Service (DoS)</title>
        <affected family="unix">
          <platform>HP-UX 11</platform>
        </affected>
        <reference source="CVE" ref_id="CVE-2008-2364" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2364"/>
        <description>A potential security vulnerability has been identified with HP-UX running Apache. These vulnerabilities could be exploited remotely resulting in Cross Site Scripting (XSS) or Denial of Service (DoS).</description>
        <oval_repository>
          <dates>
            <submitted date="2008-08-28T13:04:06.000-04:00">
              <contributor organization="Hewlett-Packard">Michael Wood</contributor>
            </submitted>
          </dates>
          <status>DRAFT</status>
        </oval_repository>
      </metadata>
      <criteria operator="OR">
        <criteria operator="AND" comment="Criteria meets HP Security Bulletin HPSBUX02365">
          <criterion comment="HP Release B.11.11" test_ref="oval:org.mitre.oval:tst:3704"/>
          <criteria operator="OR" comment="filesets tests">
            <criterion comment="hpuxwsAPACHE.PHP version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828001"/>
            <criterion comment="hpuxwsAPACHE.PHP2 version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828002"/>
            <criterion comment="hpuxwsAPACHE.APACHE version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828003"/>
            <criterion comment="hpuxwsAPACHE.APACHE2 version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828004"/>
            <criterion comment="hpuxwsAPACHE.AUTH_LDAP version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828005"/>
            <criterion comment="hpuxwsAPACHE.AUTH_LDAP2 version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828006"/>
            <criterion comment="hpuxwsAPACHE.MOD_JK version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828007"/>
            <criterion comment="hpuxwsAPACHE.MOD_JK2 version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828008"/>
            <criterion comment="hpuxwsAPACHE.WEBPROXY version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828009"/>
            <criterion comment="hpuxwsAPACHE.MOD_PERL version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828010"/>
            <criterion comment="hpuxwsAPACHE.MOD_PERL2 version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828011"/>
          </criteria>
        </criteria>
        <criteria operator="AND" comment="Criteria meets HP Security Bulletin HPSBUX02365">
          <criteria operator="OR" comment="platforms">
            <criterion comment="HP-UX B.11.31" test_ref="oval:org.mitre.oval:tst:8260"/>
            <criterion comment="HP Release B.11.23" test_ref="oval:org.mitre.oval:tst:3901"/>
          </criteria>
          <criteria operator="OR" comment="filesets tests">
            <criterion comment="hpuxwsAPCH32.PHP version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828012"/>
            <criterion comment="hpuxwsAPACHE.APACHE2 version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828004"/>
            <criterion comment="hpuxwsAPCH32.PHP2 version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828013"/>
            <criterion comment="hpuxwsAPACHE.AUTH_LDAP version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828005"/>
            <criterion comment="hpuxwsAPACHE.AUTH_LDAP2 version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828006"/>
            <criterion comment="hpuxwsAPACHE.MOD_JK version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828007"/>
            <criterion comment="hpuxwsAPCH32.APACHE version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828014"/>
            <criterion comment="hpuxwsAPCH32.APACHE2 version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828015"/>
            <criterion comment="hpuxwsAPACHE.MOD_JK2 version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828008"/>
            <criterion comment="hpuxwsAPACHE.MOD_PERL version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828010"/>
            <criterion comment="hpuxwsAPCH32.AUTH_LDAP version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828016"/>
            <criterion comment="hpuxwsAPCH32.AUTH_LDAP2 version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828017"/>
            <criterion comment="hpuxwsAPACHE.MOD_PERL2 version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828011"/>
            <criterion comment="hpuxwsAPCH32.MOD_JK version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828018"/>
            <criterion comment="hpuxwsAPACHE.PHP version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828001"/>
            <criterion comment="hpuxwsAPCH32.MOD_JK2 version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828019"/>
            <criterion comment="hpuxwsAPACHE.PHP2 version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828002"/>
            <criterion comment="hpuxwsAPACHE.WEBPROXY version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828009"/>
            <criterion comment="hpuxwsAPCH32.MOD_PERL version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828020"/>
            <criterion comment="hpuxwsAPCH32.WEBPROXY version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828021"/>
            <criterion comment="hpuxwsAPCH32.MOD_PERL2 version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828022"/>
            <criterion comment="hpuxwsAPACHE.APACHE version is less than B.2.0.59.07.01" test_ref="oval:com.hp.temp.oval:tst:20080828003"/>
          </criteria>
        </criteria>
      </criteria>
    </definition>
  </definitions>
  <tests>
    <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="hpuxwsAPACHE.PHP version is less than B.2.0.59.07.01" check="at least one" version="1" id="oval:com.hp.temp.oval:tst:20080828001">
      <object object_ref="oval:com.hp.temp.oval:obj:20080828001"/>
      <state state_ref="oval:com.hp.temp.oval:ste:20080828001"/>
    </swlist_test>
    <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="hpuxwsAPACHE.PHP2 version is less than B.2.0.59.07.01" check="at least one" version="1" id="oval:com.hp.temp.oval:tst:20080828002">
      <object object_ref="oval:com.hp.temp.oval:obj:20080828002"/>
      <state state_ref="oval:com.hp.temp.oval:ste:20080828001"/>
    </swlist_test>
    <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="hpuxwsAPACHE.APACHE version is less than B.2.0.59.07.01" check="at least one" version="1" id="oval:com.hp.temp.oval:tst:20080828003">
      <object object_ref="oval:com.hp.temp.oval:obj:20080828003"/>
      <state state_ref="oval:com.hp.temp.oval:ste:20080828001"/>
    </swlist_test>
    <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="hpuxwsAPACHE.APACHE2 version is less than B.2.0.59.07.01" check="at least one" version="1" id="oval:com.hp.temp.oval:tst:20080828004">
      <object object_ref="oval:com.hp.temp.oval:obj:20080828004"/>
      <state state_ref="oval:com.hp.temp.oval:ste:20080828001"/>
    </swlist_test>
    <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="hpuxwsAPACHE.AUTH_LDAP version is less than B.2.0.59.07.01" check="at least one" version="1" id="oval:com.hp.temp.oval:tst:20080828005">
      <object object_ref="oval:com.hp.temp.oval:obj:20080828005"/>
      <state state_ref="oval:com.hp.temp.oval:ste:20080828001"/>
    </swlist_test>
    <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="hpuxwsAPACHE.AUTH_LDAP2 version is less than B.2.0.59.07.01" check="at least one" version="1" id="oval:com.hp.temp.oval:tst:20080828006">
      <object object_ref="oval:com.hp.temp.oval:obj:20080828006"/>
      <state state_ref="oval:com.hp.temp.oval:ste:20080828001"/>
    </swlist_test>
    <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="hpuxwsAPACHE.MOD_JK version is less than B.2.0.59.07.01" check="at least one" version="1" id="oval:com.hp.temp.oval:tst:20080828007">
      <object object_ref="oval:com.hp.temp.oval:obj:20080828007"/>
      <state state_ref="oval:com.hp.temp.oval:ste:20080828001"/>
    </swlist_test>
    <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="hpuxwsAPACHE.MOD_JK2 version is less than B.2.0.59.07.01" check="at least one" version="1" id="oval:com.hp.temp.oval:tst:20080828008">
      <object object_ref="oval:com.hp.temp.oval:obj:20080828008"/>
      <state state_ref="oval:com.hp.temp.oval:ste:20080828001"/>
    </swlist_test>
    <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="hpuxwsAPACHE.WEBPROXY version is less than B.2.0.59.07.01" check="at least one" version="1" id="oval:com.hp.temp.oval:tst:20080828009">
      <object object_ref="oval:com.hp.temp.oval:obj:20080828009"/>
      <state state_ref="oval:com.hp.temp.oval:ste:20080828001"/>
    </swlist_test>
    <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="hpuxwsAPACHE.MOD_PERL version is less than B.2.0.59.07.01" check="at least one" version="1" id="oval:com.hp.temp.oval:tst:20080828010">
      <object object_ref="oval:com.hp.temp.oval:obj:20080828010"/>
      <state state_ref="oval:com.hp.temp.oval:ste:20080828001"/>
    </swlist_test>
    <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="hpuxwsAPACHE.MOD_PERL2 version is less than B.2.0.59.07.01" check="at least one" version="1" id="oval:com.hp.temp.oval:tst:20080828011">
      <object object_ref="oval:com.hp.temp.oval:obj:20080828011"/>
      <state state_ref="oval:com.hp.temp.oval:ste:20080828001"/>
    </swlist_test>
    <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="hpuxwsAPCH32.PHP version is less than B.2.0.59.07.01" check="at least one" version="1" id="oval:com.hp.temp.oval:tst:20080828012">
      <object object_ref="oval:com.hp.temp.oval:obj:20080828012"/>
      <state state_ref="oval:com.hp.temp.oval:ste:20080828001"/>
    </swlist_test>
    <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="hpuxwsAPCH32.PHP2 version is less than B.2.0.59.07.01" check="at least one" version="1" id="oval:com.hp.temp.oval:tst:20080828013">
      <object object_ref="oval:com.hp.temp.oval:obj:20080828013"/>
      <state state_ref="oval:com.hp.temp.oval:ste:20080828001"/>
    </swlist_test>
    <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="hpuxwsAPCH32.APACHE version is less than B.2.0.59.07.01" check="at least one" version="1" id="oval:com.hp.temp.oval:tst:20080828014">
      <object object_ref="oval:com.hp.temp.oval:obj:20080828014"/>
      <state state_ref="oval:com.hp.temp.oval:ste:20080828001"/>
    </swlist_test>
    <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="hpuxwsAPCH32.APACHE2 version is less than B.2.0.59.07.01" check="at least one" version="1" id="oval:com.hp.temp.oval:tst:20080828015">
      <object object_ref="oval:com.hp.temp.oval:obj:20080828015"/>
      <state state_ref="oval:com.hp.temp.oval:ste:20080828001"/>
    </swlist_test>
    <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="hpuxwsAPCH32.AUTH_LDAP version is less than B.2.0.59.07.01" check="at least one" version="1" id="oval:com.hp.temp.oval:tst:20080828016">
      <object object_ref="oval:com.hp.temp.oval:obj:20080828016"/>
      <state state_ref="oval:com.hp.temp.oval:ste:20080828001"/>
    </swlist_test>
    <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="hpuxwsAPCH32.AUTH_LDAP2 version is less than B.2.0.59.07.01" check="at least one" version="1" id="oval:com.hp.temp.oval:tst:20080828017">
      <object object_ref="oval:com.hp.temp.oval:obj:20080828017"/>
      <state state_ref="oval:com.hp.temp.oval:ste:20080828001"/>
    </swlist_test>
    <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="hpuxwsAPCH32.MOD_JK version is less than B.2.0.59.07.01" check="at least one" version="1" id="oval:com.hp.temp.oval:tst:20080828018">
      <object object_ref="oval:com.hp.temp.oval:obj:20080828018"/>
      <state state_ref="oval:com.hp.temp.oval:ste:20080828001"/>
    </swlist_test>
    <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="hpuxwsAPCH32.MOD_JK2 version is less than B.2.0.59.07.01" check="at least one" version="1" id="oval:com.hp.temp.oval:tst:20080828019">
      <object object_ref="oval:com.hp.temp.oval:obj:20080828019"/>
      <state state_ref="oval:com.hp.temp.oval:ste:20080828001"/>
    </swlist_test>
    <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="hpuxwsAPCH32.MOD_PERL version is less than B.2.0.59.07.01" check="at least one" version="1" id="oval:com.hp.temp.oval:tst:20080828020">
      <object object_ref="oval:com.hp.temp.oval:obj:20080828020"/>
      <state state_ref="oval:com.hp.temp.oval:ste:20080828001"/>
    </swlist_test>
    <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="hpuxwsAPCH32.WEBPROXY version is less than B.2.0.59.07.01" check="at least one" version="1" id="oval:com.hp.temp.oval:tst:20080828021">
      <object object_ref="oval:com.hp.temp.oval:obj:20080828021"/>
      <state state_ref="oval:com.hp.temp.oval:ste:20080828001"/>
    </swlist_test>
    <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="hpuxwsAPCH32.MOD_PERL2 version is less than B.2.0.59.07.01" check="at least one" version="1" id="oval:com.hp.temp.oval:tst:20080828022">
      <object object_ref="oval:com.hp.temp.oval:obj:20080828022"/>
      <state state_ref="oval:com.hp.temp.oval:ste:20080828001"/>
    </swlist_test>
    <uname_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" id="oval:org.mitre.oval:tst:3704" version="1" comment="HP Release B.11.11" check_existence="at_least_one_exists" check="all">
      <object object_ref="oval:org.mitre.oval:obj:2759"/>
      <state state_ref="oval:org.mitre.oval:ste:3389"/>
    </uname_test>
    <uname_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" id="oval:org.mitre.oval:tst:3901" version="1" comment="HP Release B.11.23" check_existence="at_least_one_exists" check="all">
      <object object_ref="oval:org.mitre.oval:obj:2759"/>
      <state state_ref="oval:org.mitre.oval:ste:3324"/>
    </uname_test>
    <uname_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" id="oval:org.mitre.oval:tst:8260" version="1" comment="HP-UX B.11.31" check_existence="at_least_one_exists" check="all">
      <object object_ref="oval:org.mitre.oval:obj:2759"/>
      <state state_ref="oval:org.mitre.oval:ste:3363"/>
    </uname_test>
  </tests>
  <objects>
    <swlist_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.temp.oval:obj:20080828001">
      <swlist>hpuxwsAPACHE.PHP</swlist>
    </swlist_object>
    <swlist_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.temp.oval:obj:20080828002">
      <swlist>hpuxwsAPACHE.PHP2</swlist>
    </swlist_object>
    <swlist_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.temp.oval:obj:20080828003">
      <swlist>hpuxwsAPACHE.APACHE</swlist>
    </swlist_object>
    <swlist_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.temp.oval:obj:20080828004">
      <swlist>hpuxwsAPACHE.APACHE2</swlist>
    </swlist_object>
    <swlist_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.temp.oval:obj:20080828005">
      <swlist>hpuxwsAPACHE.AUTH_LDAP</swlist>
    </swlist_object>
    <swlist_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.temp.oval:obj:20080828006">
      <swlist>hpuxwsAPACHE.AUTH_LDAP2</swlist>
    </swlist_object>
    <swlist_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.temp.oval:obj:20080828007">
      <swlist>hpuxwsAPACHE.MOD_JK</swlist>
    </swlist_object>
    <swlist_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.temp.oval:obj:20080828008">
      <swlist>hpuxwsAPACHE.MOD_JK2</swlist>
    </swlist_object>
    <swlist_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.temp.oval:obj:20080828009">
      <swlist>hpuxwsAPACHE.WEBPROXY</swlist>
    </swlist_object>
    <swlist_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.temp.oval:obj:20080828010">
      <swlist>hpuxwsAPACHE.MOD_PERL</swlist>
    </swlist_object>
    <swlist_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.temp.oval:obj:20080828011">
      <swlist>hpuxwsAPACHE.MOD_PERL2</swlist>
    </swlist_object>
    <swlist_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.temp.oval:obj:20080828012">
      <swlist>hpuxwsAPCH32.PHP</swlist>
    </swlist_object>
    <swlist_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.temp.oval:obj:20080828013">
      <swlist>hpuxwsAPCH32.PHP2</swlist>
    </swlist_object>
    <swlist_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.temp.oval:obj:20080828014">
      <swlist>hpuxwsAPCH32.APACHE</swlist>
    </swlist_object>
    <swlist_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.temp.oval:obj:20080828015">
      <swlist>hpuxwsAPCH32.APACHE2</swlist>
    </swlist_object>
    <swlist_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.temp.oval:obj:20080828016">
      <swlist>hpuxwsAPCH32.AUTH_LDAP</swlist>
    </swlist_object>
    <swlist_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.temp.oval:obj:20080828017">
      <swlist>hpuxwsAPCH32.AUTH_LDAP2</swlist>
    </swlist_object>
    <swlist_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.temp.oval:obj:20080828018">
      <swlist>hpuxwsAPCH32.MOD_JK</swlist>
    </swlist_object>
    <swlist_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.temp.oval:obj:20080828019">
      <swlist>hpuxwsAPCH32.MOD_JK2</swlist>
    </swlist_object>
    <swlist_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.temp.oval:obj:20080828020">
      <swlist>hpuxwsAPCH32.MOD_PERL</swlist>
    </swlist_object>
    <swlist_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.temp.oval:obj:20080828021">
      <swlist>hpuxwsAPCH32.WEBPROXY</swlist>
    </swlist_object>
    <swlist_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.temp.oval:obj:20080828022">
      <swlist>hpuxwsAPCH32.MOD_PERL2</swlist>
    </swlist_object>
    <uname_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" id="oval:org.mitre.oval:obj:2759" version="1" comment="The single uname object."/>
  </objects>
  <states>
    <swlist_state xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.temp.oval:ste:20080828001">
      <version operation="less than" datatype="fileset_revision">B.2.0.59.07.01</version>
    </swlist_state>
    <uname_state xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" id="oval:org.mitre.oval:ste:3324" version="1">
      <os_release>B.11.23</os_release>
    </uname_state>
    <uname_state xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" id="oval:org.mitre.oval:ste:3363" version="1">
      <os_release>B.11.31</os_release>
    </uname_state>
    <uname_state xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" id="oval:org.mitre.oval:ste:3389" version="1">
      <os_release>B.11.11</os_release>
    </uname_state>
  </states>
</oval_definitions>
Worrell, Bryan A.
Re: New hp-ux 11 OVALs
Reply Threaded MoreMore options
Print post
Permalink
Michael,

Thank you for your submission to the OVAL Repository website.  Your
submission has been processed and is available for further community
review via the OVAL Repository website.

Thanks,
Bryan Worrell



__
Bryan Worrell    
The MITRE Corporation
bworrell@...




>-----Original Message-----
>From: Wood, Michael [mailto:michael.wood@...]
>Sent: Thursday, August 28, 2008 1:20 PM
>To: oval-discussion-list OVAL Discussion List/Closed Public Discussi
>Subject: [OVAL-DISCUSSION-LIST] New hp-ux 11 OVALs
>
>Here are some new HP-UX OVALs we would like to submit.  HP-UX-12.xml
>contains
>
>oval:com.hp.temp.oval:def:20080828001   CVE-2007-4465
>oval:com.hp.temp.oval:def:20080828002   CVE-2008-2168
>oval:com.hp.temp.oval:def:20080828003   CVE-2008-2364
>
>Thanks,
>
>Michael Wood
>HEWLETT-PACKARD
>
>To unsubscribe, send an email message to LISTSERV@... with
>SIGNOFF OVAL-DISCUSSION-LIST
>in the BODY of the message.  If you have difficulties, write to OVAL-
>DISCUSSION-LIST-request@....

To unsubscribe, send an email message to LISTSERV@... with
SIGNOFF OVAL-DISCUSSION-LIST
in the BODY of the message.  If you have difficulties, write to OVAL-DISCUSSION-LIST-request@....
Wood, Michael
New HP-UX 11 OVALs
Reply Threaded MoreMore options
Print post
Permalink
In reply to this post by Wood, Michael
Here are some new HP-UX OVALs we would like to submit.  HP-UX-13.xml
contains

oval:com.hp.temp.oval:def:20080902001   CVE-2008-2928
oval:com.hp.temp.oval:def:20080902002   CVE-2008-2929
oval:com.hp.temp.oval:def:20080902003   CVE-2008-2930
oval:com.hp.temp.oval:def:20080902004   CVE-2008-3283

Thanks,

Michael Wood
HEWLETT-PACKARD

To unsubscribe, send an email message to LISTSERV@... with
SIGNOFF OVAL-DISCUSSION-LIST
in the BODY of the message.  If you have difficulties, write to OVAL-DISCUSSION-LIST-request@....

<?xml version="1.0" encoding="UTF-8"?>
<oval_definitions xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:unix-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" xmlns:hpux-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" xsi:schemaLocation="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix unix-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5 oval-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-common-5 oval-common-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux hpux-definitions-schema.xsd">
  <generator>
    <oval:product_name>Hewlett-Packard</oval:product_name>
    <oval:schema_version>5.4</oval:schema_version>
    <oval:timestamp>2008-09-02T12:41:13.000-04:00</oval:timestamp>
  </generator>
  <definitions>
    <definition id="oval:com.hp.temp.oval:def:20080902001" version="0" class="vulnerability">
      <metadata>
        <title>HP-UX Running Netscape / Red Hat Directory Server, Remote Cross Site Scripting (XSS) or Remote Denial of Service (DoS)</title>
        <affected family="unix">
          <platform>HP-UX 11</platform>
        </affected>
        <reference source="CVE" ref_id="CVE-2008-2928" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2928"/>
        <description>Potential security vulnerabilities have been identified in HP-UX running Netscape / Red Hat Directory Server. These vulnerabilities could be exploited remotely to allow Cross Site Scripting (XSS) or to create a Denial of Service (DoS).</description>
        <oval_repository>
          <dates>
            <submitted date="2008-09-02T12:41:13.000-04:00">
              <contributor organization="Hewlett-Packard">Michael Wood</contributor>
            </submitted>
          </dates>
          <status>DRAFT</status>
        </oval_repository>
      </metadata>
      <criteria operator="OR">
        <criteria operator="AND" comment="Criteria meets HP Security Bulletin HPSBUX02354">
          <criteria operator="OR" comment="platforms">
            <criterion comment="HP Release B.11.23" test_ref="oval:org.mitre.oval:tst:3901"/>
            <criterion comment="HP-UX B.11.31" test_ref="oval:org.mitre.oval:tst:8260"/>
            <criterion comment="HP Release B.11.11" test_ref="oval:org.mitre.oval:tst:3704"/>
          </criteria>
          <criteria operator="OR" comment="filesets tests">
            <criterion comment="NetscapeDirSvr7.NDS-SLAPD version is less than B.07.10.50" test_ref="oval:com.hp.temp.oval:tst:20080902001"/>
            <criterion comment="NetscapeDirSvr7.NDS-SLCLNT version is less than B.07.10.50" test_ref="oval:com.hp.temp.oval:tst:20080902002"/>
            <criterion comment="NetscapeDirSvr7.NDS-ADM version is less than B.07.10.50" test_ref="oval:com.hp.temp.oval:tst:20080902003"/>
            <criterion comment="NetscapeDirSvr7.NDS-BASE version is less than B.07.10.50" test_ref="oval:com.hp.temp.oval:tst:20080902004"/>
            <criterion comment="NetscapeDirSvr7.NDS-BSCLNT version is less than B.07.10.50" test_ref="oval:com.hp.temp.oval:tst:20080902005"/>
            <criterion comment="NetscapeDirSvr7.NDS-BSJRE version is less than B.07.10.50" test_ref="oval:com.hp.temp.oval:tst:20080902006"/>
            <criterion comment="NetscapeDirSvr7.NDS-NC version is less than B.07.10.50" test_ref="oval:com.hp.temp.oval:tst:20080902007"/>
            <criterion comment="NetscapeDirSvr7.NDS-NSPERL version is less than B.07.10.50" test_ref="oval:com.hp.temp.oval:tst:20080902008"/>
            <criterion comment="NetscapeDirSvr7.NDS-PERLDAP version is less than B.07.10.50" test_ref="oval:com.hp.temp.oval:tst:20080902009"/>
            <criterion comment="NetscapeDirSvr7.NDS-SVCORE version is less than B.07.10.50" test_ref="oval:com.hp.temp.oval:tst:20080902010"/>
            <criterion comment="NetscapeDirSvr7.NDS-RUN version is less than B.07.10.50" test_ref="oval:com.hp.temp.oval:tst:20080902011"/>
          </criteria>
        </criteria>
        <criteria operator="AND" comment="Criteria meets HP Security Bulletin HPSBUX02354">
          <criteria operator="OR" comment="platforms">
            <criterion comment="HP Release B.11.11" test_ref="oval:org.mitre.oval:tst:3704"/>
            <criterion comment="HP Release B.11.23" test_ref="oval:org.mitre.oval:tst:3901"/>
          </criteria>
          <criteria operator="OR" comment="filesets tests">
            <criterion comment="NetscapeDirSvr6.NDS-SLCLNT version is less than B.06.21.70" test_ref="oval:com.hp.temp.oval:tst:20080902012"/>
            <criterion comment="NetscapeDirSvr6.NDS-SVCORE version is less than B.06.21.70" test_ref="oval:com.hp.temp.oval:tst:20080902013"/>
            <criterion comment="NetscapeDirSvr6.NDS-ADM version is less than B.06.21.70" test_ref="oval:com.hp.temp.oval:tst:20080902014"/>
            <criterion comment="NetscapeDirSvr6.NDS-BASE version is less than B.06.21.70" test_ref="oval:com.hp.temp.oval:tst:20080902015"/>
            <criterion comment="NetscapeDirSvr6.NDS-BSCLNT version is less than B.06.21.70" test_ref="oval:com.hp.temp.oval:tst:20080902016"/>
            <criterion comment="NetscapeDirSvr6.NDS-BSJRE version is less than B.06.21.70" test_ref="oval:com.hp.temp.oval:tst:20080902017"/>
            <criterion comment="NetscapeDirSvr6.NDS-NC version is less than B.06.21.70" test_ref="oval:com.hp.temp.oval:tst:20080902018"/>
            <criterion comment="NetscapeDirSvr6.NDS-NSPERL version is less than B.06.21.70" test_ref="oval:com.hp.temp.oval:tst:20080902019"/>
            <criterion comment="NetscapeDirSvr6.NDS-PERLDAP version is less than B.06.21.70" test_ref="oval:com.hp.temp.oval:tst:20080902020"/>
            <criterion comment="NetscapeDirSvr6.NDS-SLAPD version is less than B.06.21.70" test_ref="oval:com.hp.temp.oval:tst:20080902021"/>
          </criteria>
        </criteria>
      </criteria>
    </definition>
    <definition id="oval:com.hp.temp.oval:def:20080902002" version="0" class="vulnerability">
      <metadata>
        <title>HP-UX Running Netscape / Red Hat Directory Server, Remote Cross Site Scripting (XSS) or Remote Denial of Service (DoS)</title>
        <affected family="unix">
          <platform>HP-UX 11</platform>
        </affected>
        <reference source="CVE" ref_id="CVE-2008-2929" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2929"/>
        <description>Potential security vulnerabilities have been identified in HP-UX running Netscape / Red Hat Directory Server. These vulnerabilities could be exploited remotely to allow Cross Site Scripting (XSS) or to create a Denial of Service (DoS).</description>
        <oval_repository>
          <dates>
            <submitted date="2008-09-02T12:41:14.000-04:00">
              <contributor organization="Hewlett-Packard">Michael Wood</contributor>
            </submitted>
          </dates>
          <status>DRAFT</status>
        </oval_repository>
      </metadata>
      <criteria operator="OR">
        <criteria operator="AND" comment="Criteria meets HP Security Bulletin HPSBUX02354">
          <criteria operator="OR" comment="platforms">
            <criterion comment="HP Release B.11.23" test_ref="oval:org.mitre.oval:tst:3901"/>
            <criterion comment="HP-UX B.11.31" test_ref="oval:org.mitre.oval:tst:8260"/>
            <criterion comment="HP Release B.11.11" test_ref="oval:org.mitre.oval:tst:3704"/>
          </criteria>
          <criteria operator="OR" comment="filesets tests">
            <criterion comment="NetscapeDirSvr7.NDS-SLAPD version is less than B.07.10.50" test_ref="oval:com.hp.temp.oval:tst:20080902001"/>
            <criterion comment="NetscapeDirSvr7.NDS-SLCLNT version is less than B.07.10.50" test_ref="oval:com.hp.temp.oval:tst:20080902002"/>
            <criterion comment="NetscapeDirSvr7.NDS-ADM version is less than B.07.10.50" test_ref="oval:com.hp.temp.oval:tst:20080902003"/>
            <criterion comment="NetscapeDirSvr7.NDS-BASE version is less than B.07.10.50" test_ref="oval:com.hp.temp.oval:tst:20080902004"/>
            <criterion comment="NetscapeDirSvr7.NDS-BSCLNT version is less than B.07.10.50" test_ref="oval:com.hp.temp.oval:tst:20080902005"/>
            <criterion comment="NetscapeDirSvr7.NDS-BSJRE version is less than B.07.10.50" test_ref="oval:com.hp.temp.oval:tst:20080902006"/>
            <criterion comment="NetscapeDirSvr7.NDS-NC version is less than B.07.10.50" test_ref="oval:com.hp.temp.oval:tst:20080902007"/>
            <criterion comment="NetscapeDirSvr7.NDS-NSPERL version is less than B.07.10.50" test_ref="oval:com.hp.temp.oval:tst:20080902008"/>
            <criterion comment="NetscapeDirSvr7.NDS-PERLDAP version is less than B.07.10.50" test_ref="oval:com.hp.temp.oval:tst:20080902009"/>
            <criterion comment="NetscapeDirSvr7.NDS-SVCORE version is less than B.07.10.50" test_ref="oval:com.hp.temp.oval:tst:20080902010"/>
            <criterion comment="NetscapeDirSvr7.NDS-RUN version is less than B.07.10.50" test_ref="oval:com.hp.temp.oval:tst:20080902011"/>
          </criteria>
        </criteria>
        <criteria operator="AND" comment="Criteria meets HP Security Bulletin HPSBUX02354">
          <criteria operator="OR" comment="platforms">
            <criterion comment="HP Release B.11.11" test_ref="oval:org.mitre.oval:tst:3704"/>
            <criterion comment="HP Release B.11.23" test_ref="oval:org.mitre.oval:tst:3901"/>
          </criteria>
          <criteria operator="OR" comment="filesets tests">
            <criterion comment="NetscapeDirSvr6.NDS-SLCLNT version is less than B.06.21.70" test_ref="oval:com.hp.temp.oval:tst:20080902012"/>
            <criterion comment="NetscapeDirSvr6.NDS-SVCORE version is less than B.06.21.70" test_ref="oval:com.hp.temp.oval:tst:20080902013"/>
            <criterion comment="NetscapeDirSvr6.NDS-ADM version is less than B.06.21.70" test_ref="oval:com.hp.temp.oval:tst:20080902014"/>
            <criterion comment="NetscapeDirSvr6.NDS-BASE version is less than B.06.21.70" test_ref="oval:com.hp.temp.oval:tst:20080902015"/>
            <criterion comment="NetscapeDirSvr6.NDS-BSCLNT version is less than B.06.21.70" test_ref="oval:com.hp.temp.oval:tst:20080902016"/>
            <criterion comment="NetscapeDirSvr6.NDS-BSJRE version is less than B.06.21.70" test_ref="oval:com.hp.temp.oval:tst:20080902017"/>
            <criterion comment="NetscapeDirSvr6.NDS-NC version is less than B.06.21.70" test_ref="oval:com.hp.temp.oval:tst:20080902018"/>
            <criterion comment="NetscapeDirSvr6.NDS-NSPERL version is less than B.06.21.70" test_ref="oval:com.hp.temp.oval:tst:20080902019"/>
            <criterion comment="NetscapeDirSvr6.NDS-PERLDAP version is less than B.06.21.70" test_ref="oval:com.hp.temp.oval:tst:20080902020"/>
            <criterion comment="NetscapeDirSvr6.NDS-SLAPD version is less than B.06.21.70" test_ref="oval:com.hp.temp.oval:tst:20080902021"/>
          </criteria>
        </criteria>
      </criteria>
    </definition>
    <definition id="oval:com.hp.temp.oval:def:20080902003" version="0" class="vulnerability">
      <metadata>
        <title>HP-UX Running Netscape / Red Hat Directory Server, Remote Cross Site Scripting (XSS) or Remote Denial of Service (DoS)</title>
        <affected family="unix">
          <platform>HP-UX 11</platform>
        </affected>
        <reference source="CVE" ref_id="CVE-2008-2930" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2930"/>
        <description>Potential security vulnerabilities have been identified in HP-UX running Netscape / Red Hat Directory Server. These vulnerabilities could be exploited remotely to allow Cross Site Scripting (XSS) or to create a Denial of Service (DoS).</description>
        <oval_repository>
          <dates>
            <submitted date="2008-09-02T12:41:14.000-04:00">
              <contributor organization="Hewlett-Packard">Michael Wood</contributor>
            </submitted>
          </dates>
          <status>DRAFT</status>
        </oval_repository>
      </metadata>
      <criteria operator="OR">
        <criteria operator="AND" comment="Criteria meets HP Security Bulletin HPSBUX02354">
          <criteria operator="OR" comment="platforms">
            <criterion comment="HP Release B.11.23" test_ref="oval:org.mitre.oval:tst:3901"/>
            <criterion comment="HP-UX B.11.31" test_ref="oval:org.mitre.oval:tst:8260"/>
            <criterion comment="HP Release B.11.11" test_ref="oval:org.mitre.oval:tst:3704"/>
          </criteria>
          <criteria operator="OR" comment="filesets tests">
            <criterion comment="NetscapeDirSvr7.NDS-SLAPD version is less than B.07.10.50" test_ref="oval:com.hp.temp.oval:tst:20080902001"/>
            <criterion comment="NetscapeDirSvr7.NDS-SLCLNT version is less than B.07.10.50" test_ref="oval:com.hp.temp.oval:tst:20080902002"/>
            <criterion comment="NetscapeDirSvr7.NDS-ADM version is less than B.07.10.50" test_ref="oval:com.hp.temp.oval:tst:20080902003"/>
            <criterion comment="NetscapeDirSvr7.NDS-BASE version is less than B.07.10.50" test_ref="oval:com.hp.temp.oval:tst:20080902004"/>
            <criterion comment="NetscapeDirSvr7.NDS-BSCLNT version is less than B.07.10.50" test_ref="oval:com.hp.temp.oval:tst:20080902005"/>
            <criterion comment="NetscapeDirSvr7.NDS-BSJRE version is less than B.07.10.50" test_ref="oval:com.hp.temp.oval:tst:20080902006"/>
            <criterion comment="NetscapeDirSvr7.NDS-NC version is less than B.07.10.50" test_ref="oval:com.hp.temp.oval:tst:20080902007"/>
            <criterion comment="NetscapeDirSvr7.NDS-NSPERL version is less than B.07.10.50" test_ref="oval:com.hp.temp.oval:tst:20080902008"/>
            <criterion comment="NetscapeDirSvr7.NDS-PERLDAP version is less than B.07.10.50" test_ref="oval:com.hp.temp.oval:tst:20080902009"/>
            <criterion comment="NetscapeDirSvr7.NDS-SVCORE version is less than B.07.10.50" test_ref="oval:com.hp.temp.oval:tst:20080902010"/>
            <criterion comment="NetscapeDirSvr7.NDS-RUN version is less than B.07.10.50" test_ref="oval:com.hp.temp.oval:tst:20080902011"/>
          </criteria>
        </criteria>
        <criteria operator="AND" comment="Criteria meets HP Security Bulletin HPSBUX02354">
          <criteria operator="OR" comment="platforms">
            <criterion comment="HP Release B.11.11" test_ref="oval:org.mitre.oval:tst:3704"/>
            <criterion comment="HP Release B.11.23" test_ref="oval:org.mitre.oval:tst:3901"/>
          </criteria>
          <criteria operator="OR" comment="filesets tests">
            <criterion comment="NetscapeDirSvr6.NDS-SLCLNT version is less than B.06.21.70" test_ref="oval:com.hp.temp.oval:tst:20080902012"/>
            <criterion comment="NetscapeDirSvr6.NDS-SVCORE version is less than B.06.21.70" test_ref="oval:com.hp.temp.oval:tst:20080902013"/>
            <criterion comment="NetscapeDirSvr6.NDS-ADM version is less than B.06.21.70" test_ref="oval:com.hp.temp.oval:tst:20080902014"/>
            <criterion comment="NetscapeDirSvr6.NDS-BASE version is less than B.06.21.70" test_ref="oval:com.hp.temp.oval:tst:20080902015"/>
            <criterion comment="NetscapeDirSvr6.NDS-BSCLNT version is less than B.06.21.70" test_ref="oval:com.hp.temp.oval:tst:20080902016"/>
            <criterion comment="NetscapeDirSvr6.NDS-BSJRE version is less than B.06.21.70" test_ref="oval:com.hp.temp.oval:tst:20080902017"/>
            <criterion comment="NetscapeDirSvr6.NDS-NC version is less than B.06.21.70" test_ref="oval:com.hp.temp.oval:tst:20080902018"/>
            <criterion comment="NetscapeDirSvr6.NDS-NSPERL version is less than B.06.21.70" test_ref="oval:com.hp.temp.oval:tst:20080902019"/>
            <criterion comment="NetscapeDirSvr6.NDS-PERLDAP version is less than B.06.21.70" test_ref="oval:com.hp.temp.oval:tst:20080902020"/>
            <criterion comment="NetscapeDirSvr6.NDS-SLAPD version is less than B.06.21.70" test_ref="oval:com.hp.temp.oval:tst:20080902021"/>
          </criteria>
        </criteria>
      </criteria>
    </definition>
    <definition id="oval:com.hp.temp.oval:def:20080902004" version="0" class="vulnerability">
      <metadata>
        <title>HP-UX Running Netscape / Red Hat Directory Server, Remote Cross Site Scripting (XSS) or Remote Denial of Service (DoS)</title>
        <affected family="unix">
          <platform>HP-UX 11</platform>
        </affected>
        <reference source="CVE" ref_id="CVE-2008-3283" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3283"/>
        <description>Potential security vulnerabilities have been identified in HP-UX running Netscape / Red Hat Directory Server. These vulnerabilities could be exploited remotely to allow Cross Site Scripting (XSS) or to create a Denial of Service (DoS).</description>
        <oval_repository>
          <dates>
            <submitted date="2008-09-02T12:41:14.000-04:00">
              <contributor organization="Hewlett-Packard">Michael Wood</contributor>
            </submitted>
          </dates>
          <status>DRAFT</status>
        </oval_repository>
      </metadata>
      <criteria operator="OR">
        <criteria operator="AND" comment="Criteria meets HP Security Bulletin HPSBUX02354">
          <criteria operator="OR" comment="platforms">
            <criterion comment="HP Release B.11.23" test_ref="oval:org.mitre.oval:tst:3901"/>
            <criterion comment="HP-UX B.11.31" test_ref="oval:org.mitre.oval:tst:8260"/>
            <criterion comment="HP Release B.11.11" test_ref="oval:org.mitre.oval:tst:3704"/>
          </criteria>
          <criteria operator="OR" comment="filesets tests">
            <criterion comment="NetscapeDirSvr7.NDS-SLAPD version is less than B.07.10.50" test_ref="oval:com.hp.temp.oval:tst:20080902001"/>
            <criterion comment="NetscapeDirSvr7.NDS-SLCLNT version is less than B.07.10.50" test_ref="oval:com.hp.temp.oval:tst:20080902002"/>
            <criterion comment="NetscapeDirSvr7.NDS-ADM version is less than B.07.10.50" test_ref="oval:com.hp.temp.oval:tst:20080902003"/>
            <criterion comment="NetscapeDirSvr7.NDS-BASE version is less than B.07.10.50" test_ref="oval:com.hp.temp.oval:tst:20080902004"/>
            <criterion comment="NetscapeDirSvr7.NDS-BSCLNT version is less than B.07.10.50" test_ref="oval:com.hp.temp.oval:tst:20080902005"/>
            <criterion comment="NetscapeDirSvr7.NDS-BSJRE version is less than B.07.10.50" test_ref="oval:com.hp.temp.oval:tst:20080902006"/>
            <criterion comment="NetscapeDirSvr7.NDS-NC version is less than B.07.10.50" test_ref="oval:com.hp.temp.oval:tst:20080902007"/>
            <criterion comment="NetscapeDirSvr7.NDS-NSPERL version is less than B.07.10.50" test_ref="oval:com.hp.temp.oval:tst:20080902008"/>
            <criterion comment="NetscapeDirSvr7.NDS-PERLDAP version is less than B.07.10.50" test_ref="oval:com.hp.temp.oval:tst:20080902009"/>
            <criterion comment="NetscapeDirSvr7.NDS-SVCORE version is less than B.07.10.50" test_ref="oval:com.hp.temp.oval:tst:20080902010"/>
            <criterion comment="NetscapeDirSvr7.NDS-RUN version is less than B.07.10.50" test_ref="oval:com.hp.temp.oval:tst:20080902011"/>
          </criteria>
        </criteria>
        <criteria operator="AND" comment="Criteria meets HP Security Bulletin HPSBUX02354">
          <criteria operator="OR" comment="platforms">
            <criterion comment="HP Release B.11.11" test_ref="oval:org.mitre.oval:tst:3704"/>
            <criterion comment="HP Release B.11.23" test_ref="oval:org.mitre.oval:tst:3901"/>
          </criteria>
          <criteria operator="OR" comment="filesets tests">
            <criterion comment="NetscapeDirSvr6.NDS-SLCLNT version is less than B.06.21.70" test_ref="oval:com.hp.temp.oval:tst:20080902012"/>
            <criterion comment="NetscapeDirSvr6.NDS-SVCORE version is less than B.06.21.70" test_ref="oval:com.hp.temp.oval:tst:20080902013"/>
            <criterion comment="NetscapeDirSvr6.NDS-ADM version is less than B.06.21.70" test_ref="oval:com.hp.temp.oval:tst:20080902014"/>
            <criterion comment="NetscapeDirSvr6.NDS-BASE version is less than B.06.21.70" test_ref="oval:com.hp.temp.oval:tst:20080902015"/>
            <criterion comment="NetscapeDirSvr6.NDS-BSCLNT version is less than B.06.21.70" test_ref="oval:com.hp.temp.oval:tst:20080902016"/>
            <criterion comment="NetscapeDirSvr6.NDS-BSJRE version is less than B.06.21.70" test_ref="oval:com.hp.temp.oval:tst:20080902017"/>
            <criterion comment="NetscapeDirSvr6.NDS-NC version is less than B.06.21.70" test_ref="oval:com.hp.temp.oval:tst:20080902018"/>
            <criterion comment="NetscapeDirSvr6.NDS-NSPERL version is less than B.06.21.70" test_ref="oval:com.hp.temp.oval:tst:20080902019"/>
            <criterion comment="NetscapeDirSvr6.NDS-PERLDAP version is less than B.06.21.70" test_ref="oval:com.hp.temp.oval:tst:20080902020"/>
            <criterion comment="NetscapeDirSvr6.NDS-SLAPD version is less than B.06.21.70" test_ref="oval:com.hp.temp.oval:tst:20080902021"/>
          </criteria>
        </criteria>
      </criteria>
    </definition>
  </definitions>
  <tests>
    <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="NetscapeDirSvr7.NDS-SLAPD version is less than B.07.10.50" check="at least one" version="1" id="oval:com.hp.temp.oval:tst:20080902001">
      <object object_ref="oval:com.hp.temp.oval:obj:20080902001"/>
      <state state_ref="oval:com.hp.temp.oval:ste:20080902001"/>
    </swlist_test>
    <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="NetscapeDirSvr7.NDS-SLCLNT version is less than B.07.10.50" check="at least one" version="1" id="oval:com.hp.temp.oval:tst:20080902002">
      <object object_ref="oval:com.hp.temp.oval:obj:20080902002"/>
      <state state_ref="oval:com.hp.temp.oval:ste:20080902001"/>
    </swlist_test>
    <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="NetscapeDirSvr7.NDS-ADM version is less than B.07.10.50" check="at least one" version="1" id="oval:com.hp.temp.oval:tst:20080902003">
      <object object_ref="oval:com.hp.temp.oval:obj:20080902003"/>
      <state state_ref="oval:com.hp.temp.oval:ste:20080902001"/>
    </swlist_test>
    <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="NetscapeDirSvr7.NDS-BASE version is less than B.07.10.50" check="at least one" version="1" id="oval:com.hp.temp.oval:tst:20080902004">
      <object object_ref="oval:com.hp.temp.oval:obj:20080902004"/>
      <state state_ref="oval:com.hp.temp.oval:ste:20080902001"/>
    </swlist_test>
    <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="NetscapeDirSvr7.NDS-BSCLNT version is less than B.07.10.50" check="at least one" version="1" id="oval:com.hp.temp.oval:tst:20080902005">
      <object object_ref="oval:com.hp.temp.oval:obj:20080902005"/>
      <state state_ref="oval:com.hp.temp.oval:ste:20080902001"/>
    </swlist_test>
    <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="NetscapeDirSvr7.NDS-BSJRE version is less than B.07.10.50" check="at least one" version="1" id="oval:com.hp.temp.oval:tst:20080902006">
      <object object_ref="oval:com.hp.temp.oval:obj:20080902006"/>
      <state state_ref="oval:com.hp.temp.oval:ste:20080902001"/>
    </swlist_test>
    <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="NetscapeDirSvr7.NDS-NC version is less than B.07.10.50" check="at least one" version="1" id="oval:com.hp.temp.oval:tst:20080902007">
      <object object_ref="oval:com.hp.temp.oval:obj:20080902007"/>
      <state state_ref="oval:com.hp.temp.oval:ste:20080902001"/>
    </swlist_test>
    <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_