Making Security Measurable › OVAL › OVAL Repository Forum

OVAL for HPSBUX02458

2 messages Options
Embed this post
Permalink
Peng, Pai

OVAL for HPSBUX02458

Reply Threaded More More options
Print post
Permalink
Some javascript/style in this post has been disabled (why?)

I'd like to submit one OVAL to cover HPSBUX02458 (CVE-2009-2679).

 

Thanks,

Pai

To unsubscribe, send an email message to [hidden email] with SIGNOFF OVAL-DISCUSSION-LIST in the BODY of the message. If you have difficulties, write to [hidden email].
<?xml version="1.0" encoding="UTF-8"?>
<oval_definitions xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:unix-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" xmlns:hpux-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" xsi:schemaLocation="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix unix-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5 oval-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-common-5 oval-common-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux hpux-definitions-schema.xsd">
  <generator>
    <oval:product_name>Hewlett-Packard</oval:product_name>
    <oval:schema_version>5.6</oval:schema_version>
    <oval:timestamp>2009-09-16T13:58:26.000-04:00</oval:timestamp>
  </generator>
  <definitions>
    <definition id="oval:com.hp.temp.oval:def:20090916001" version="0" class="vulnerability">
      <metadata>
        <title>HP-UX Running bootpd, Remote Denial of Service (DoS)</title>
        <affected family="unix">
          <platform>HP-UX 11</platform>
        </affected>
        <reference source="CVE" ref_id="CVE-2009-2679" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2679"/>
        <description>A potential security vulnerability has been identified with HP-UX running bootpd. The vulnerability could be exploited remotely to create a Denial of Service (DoS).</description>
        <oval_repository>
          <dates>
            <submitted date="2009-09-16T13:58:26.000-04:00">
              <contributor organization="Hewlett-Packard">Pai Peng</contributor>
            </submitted>
          </dates>
          <status>DRAFT</status>
        </oval_repository>
      </metadata>
      <criteria operator="OR">
        <criteria operator="AND" comment="Criteria meets HP Security Bulletin HPSBUX02458">
          <criterion comment="HP Release B.11.23" test_ref="oval:org.mitre.oval:tst:3901"/>
          <criterion comment="InternetSrvcs.INETSVCS2-BOOT is installed" test_ref="oval:com.hp.temp.oval:tst:20090916001"/>
          <criterion comment="Patch PHNE_39668 is installed" test_ref="oval:com.hp.temp.oval:tst:20090916002" negate="true"/>
        </criteria>
        <criteria operator="AND" comment="Criteria meets HP Security Bulletin HPSBUX02458">
          <criterion comment="HP Release B.11.11" test_ref="oval:org.mitre.oval:tst:3704"/>
          <criterion comment="InternetSrvcs.INETSVCS2-BOOT is installed" test_ref="oval:com.hp.temp.oval:tst:20090916001"/>
          <criterion comment="Patch PHNE_39700 is installed" test_ref="oval:com.hp.temp.oval:tst:20090916003" negate="true"/>
        </criteria>
        <criteria operator="AND" comment="Criteria meets HP Security Bulletin HPSBUX02458">
          <criterion comment="HP-UX B.11.31" test_ref="oval:org.mitre.oval:tst:8260"/>
          <criterion comment="DHCPv4.DHCPV4-RUN is installed" test_ref="oval:com.hp.temp.oval:tst:20090916004"/>
          <criterion comment="Patch PHNE_39443 is installed" test_ref="oval:com.hp.temp.oval:tst:20090916005" negate="true"/>
        </criteria>
      </criteria>
    </definition>
  </definitions>
  <tests>
    <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="InternetSrvcs.INETSVCS2-BOOT is installed" check="at least one" version="1" id="oval:com.hp.temp.oval:tst:20090916001">
      <object object_ref="oval:com.hp.temp.oval:obj:20090916001"/>
    </swlist_test>
    <patch53_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="Patch PHNE_39668 is installed" check="at least one" version="1" id="oval:com.hp.temp.oval:tst:20090916002">
      <object object_ref="oval:com.hp.temp.oval:obj:20090916002"/>
    </patch53_test>
    <patch53_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="Patch PHNE_39700 is installed" check="at least one" version="1" id="oval:com.hp.temp.oval:tst:20090916003">
      <object object_ref="oval:com.hp.temp.oval:obj:20090916003"/>
    </patch53_test>
    <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="DHCPv4.DHCPV4-RUN is installed" check="at least one" version="1" id="oval:com.hp.temp.oval:tst:20090916004">
      <object object_ref="oval:com.hp.temp.oval:obj:20090916004"/>
    </swlist_test>
    <patch53_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="Patch PHNE_39443 is installed" check="at least one" version="1" id="oval:com.hp.temp.oval:tst:20090916005">
      <object object_ref="oval:com.hp.temp.oval:obj:20090916005"/>
    </patch53_test>
    <uname_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" id="oval:org.mitre.oval:tst:3704" version="1" comment="HP Release B.11.11" check_existence="at_least_one_exists" check="all">
      <object object_ref="oval:org.mitre.oval:obj:2759"/>
      <state state_ref="oval:org.mitre.oval:ste:3389"/>
    </uname_test>
    <uname_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" id="oval:org.mitre.oval:tst:3901" version="1" comment="HP Release B.11.23" check_existence="at_least_one_exists" check="all">
      <object object_ref="oval:org.mitre.oval:obj:2759"/>
      <state state_ref="oval:org.mitre.oval:ste:3324"/>
    </uname_test>
    <uname_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" id="oval:org.mitre.oval:tst:8260" version="1" comment="HP-UX B.11.31" check_existence="at_least_one_exists" check="all">
      <object object_ref="oval:org.mitre.oval:obj:2759"/>
      <state state_ref="oval:org.mitre.oval:ste:3363"/>
    </uname_test>
  </tests>
  <objects>
    <swlist_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.temp.oval:obj:20090916001">
      <swlist>InternetSrvcs.INETSVCS2-BOOT</swlist>
    </swlist_object>
    <patch53_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.temp.oval:obj:20090916002">
      <behaviors supersedence="true"/>
      <swtype>PH</swtype>
      <area_patched>NE</area_patched>
      <patch_base>39668</patch_base>
    </patch53_object>
    <patch53_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.temp.oval:obj:20090916003">
      <behaviors supersedence="true"/>
      <swtype>PH</swtype>
      <area_patched>NE</area_patched>
      <patch_base>39700</patch_base>
    </patch53_object>
    <swlist_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.temp.oval:obj:20090916004">
      <swlist>DHCPv4.DHCPV4-RUN</swlist>
    </swlist_object>
    <patch53_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.temp.oval:obj:20090916005">
      <behaviors supersedence="true"/>
      <swtype>PH</swtype>
      <area_patched>NE</area_patched>
      <patch_base>39443</patch_base>
    </patch53_object>
    <uname_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" id="oval:org.mitre.oval:obj:2759" version="1" comment="The single uname object."/>
  </objects>
  <states>
    <uname_state xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" id="oval:org.mitre.oval:ste:3389" version="1">
      <os_release>B.11.11</os_release>
    </uname_state>
    <uname_state xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" id="oval:org.mitre.oval:ste:3324" version="1">
      <os_release>B.11.23</os_release>
    </uname_state>
    <uname_state xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" id="oval:org.mitre.oval:ste:3363" version="1">
      <os_release>B.11.31</os_release>
    </uname_state>
  </states>
</oval_definitions>
bakerj

Re: OVAL for HPSBUX02458

Reply Threaded More More options
Print post
Permalink
Some javascript/style in this post has been disabled (why?)

Pai,

 

Thank you for the submission. The OVAL Repository has now been updated with this new definition for further community review.

 

Jon

 

============================================

Jonathan O. Baker

G022 - IA Industry Collaboration

The MITRE Corporation

Email: [hidden email]

 

From: Peng, Pai [mailto:[hidden email]]
Sent: Thursday, September 17, 2009 2:50 PM
To: oval-discussion-list OVAL Discussion List/Closed Public Discussi
Subject: [OVAL-DISCUSSION-LIST] OVAL for HPSBUX02458

 

I'd like to submit one OVAL to cover HPSBUX02458 (CVE-2009-2679).

 

Thanks,

Pai

To unsubscribe, send an email message to [hidden email] with SIGNOFF OVAL-DISCUSSION-LIST in the BODY of the message. If you have difficulties, write to [hidden email].

To unsubscribe, send an email message to [hidden email] with SIGNOFF OVAL-DISCUSSION-LIST in the BODY of the message. If you have difficulties, write to [hidden email].
Free Embeddable Forum Powered by Nabble Help