Peng, Pai
Attached is a OVAL definition to cover CVE-2009-2682 (HPSBUX02457). Thanks, Pai
<?xml version="1.0" encoding="UTF-8"?>
<!--
  OVAL 5.6 vulnerability definition for CVE-2009-2682 (HP-UX RBAC, HP bulletin
  HPSBUX02457). The document has the usual four parts: one definition whose
  criteria tree names tests, the tests, the objects they collect, and the
  states they compare against.

  The oval-def, unix-def and hpux-def prefixes are declared on the root, but
  the component elements below select their namespace with a local default
  xmlns instead.

  xsi:schemaLocation lists bare schema file names. Treat them as hints and
  validate against schema copies you already hold and trust.
-->
<oval_definitions xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5"
                  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                  xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5"
                  xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5"
                  xmlns:unix-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix"
                  xmlns:hpux-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux"
                  xsi:schemaLocation="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix unix-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5 oval-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-common-5 oval-common-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux hpux-definitions-schema.xsd">
  <generator>
    <oval:product_name>Hewlett-Packard</oval:product_name>
    <oval:schema_version>5.6</oval:schema_version>
    <oval:timestamp>2009-10-07T11:33:53.000-04:00</oval:timestamp>
  </generator>
  <definitions>
    <!--
      class="vulnerability": a true result means the host matches the affected
      configuration. The id sits in the submitter's com.hp.temp.oval namespace,
      and the status below is DRAFT with version 0.
    -->
    <definition id="oval:com.hp.temp.oval:def:20091007001" version="0" class="vulnerability">
      <metadata>
        <title>HP-UX Running Role-Based Access Control (RBAC), Local Unauthorized Access</title>
        <affected family="unix">
          <platform>HP-UX 11</platform>
        </affected>
        <reference source="CVE" ref_id="CVE-2009-2682" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2682"/>
        <description>Unspecified vulnerability in Role-Based Access Control (RBAC) in HP HP-UX B.11.23 and B.11.31 allows local users to bypass intended access restrictions via unknown vectors.</description>
        <oval_repository>
          <dates>
            <submitted date="2009-10-07T11:33:53.000-04:00">
              <contributor organization="Hewlett-Packard">Pai Peng</contributor>
            </submitted>
          </dates>
          <status>DRAFT</status>
        </oval_repository>
      </metadata>
      <!--
        Top level OR: the definition is true when either release branch is true.
        NOTE(review): both AND groups carry the same comment text. A comment
        naming the release would make evaluation results easier to read.
      -->
      <criteria operator="OR">
        <!--
          B.11.31 branch: release matches, AND RBAC-CONF or RBAC-RUN is
          installed, AND patch PHCO_40131 is NOT installed (negate="true"
          inverts the patch test).
          NOTE(review): this branch has no RBAC-WEB criterion and no fileset
          revision check, unlike the B.11.23 branch. Confirm against the
          bulletin that this is intended.
        -->
        <criteria operator="AND" comment="Criteria meets HP Security Bulletin HPSBUX02457">
          <criterion comment="HP-UX B.11.31" test_ref="oval:org.mitre.oval:tst:8260"/>
          <criteria operator="OR" comment="filesets tests">
            <criterion comment="RBAC.RBAC-CONF is installed" test_ref="oval:com.hp.temp.oval:tst:20091007001"/>
            <criterion comment="RBAC.RBAC-RUN is installed" test_ref="oval:com.hp.temp.oval:tst:20091007002"/>
          </criteria>
          <criterion comment="Patch PHCO_40131 is installed" test_ref="oval:com.hp.temp.oval:tst:20091007003" negate="true"/>
        </criteria>
        <!--
          B.11.23 branch: release matches, AND at least one of the three RBAC
          filesets has a revision below B.11.23.06. There is no patch test in
          this branch.
        -->
        <criteria operator="AND" comment="Criteria meets HP Security Bulletin HPSBUX02457">
          <criterion comment="HP Release B.11.23" test_ref="oval:org.mitre.oval:tst:3901"/>
          <criteria operator="OR" comment="filesets tests">
            <criterion comment="RBAC.RBAC-CONF version is less than B.11.23.06" test_ref="oval:com.hp.temp.oval:tst:20091007004"/>
            <criterion comment="RBAC.RBAC-RUN version is less than B.11.23.06" test_ref="oval:com.hp.temp.oval:tst:20091007005"/>
            <criterion comment="RBAC.RBAC-WEB version is less than B.11.23.06" test_ref="oval:com.hp.temp.oval:tst:20091007006"/>
          </criteria>
        </criteria>
      </criteria>
    </definition>
  </definitions>
  <tests>
    <!-- Existence tests: no state is referenced, so only the presence of the collected fileset is checked. -->
    <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="RBAC.RBAC-CONF is installed" check="at least one" version="1" id="oval:com.hp.temp.oval:tst:20091007001">
      <object object_ref="oval:com.hp.temp.oval:obj:20091007001"/>
    </swlist_test>
    <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="RBAC.RBAC-RUN is installed" check="at least one" version="1" id="oval:com.hp.temp.oval:tst:20091007002">
      <object object_ref="oval:com.hp.temp.oval:obj:20091007002"/>
    </swlist_test>
    <!-- Patch presence test. The criteria tree uses it with negate="true", so the criterion holds when the patch is absent. -->
    <patch53_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="Patch PHCO_40131 is installed" check="at least one" version="1" id="oval:com.hp.temp.oval:tst:20091007003">
      <object object_ref="oval:com.hp.temp.oval:obj:20091007003"/>
    </patch53_test>
    <!-- Revision tests: each reuses a fileset object and compares it with the single shared swlist state (revision below B.11.23.06). -->
    <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="RBAC.RBAC-CONF version is less than B.11.23.06" check="at least one" version="1" id="oval:com.hp.temp.oval:tst:20091007004">
      <object object_ref="oval:com.hp.temp.oval:obj:20091007001"/>
      <state state_ref="oval:com.hp.temp.oval:ste:20091007001"/>
    </swlist_test>
    <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="RBAC.RBAC-RUN version is less than B.11.23.06" check="at least one" version="1" id="oval:com.hp.temp.oval:tst:20091007005">
      <object object_ref="oval:com.hp.temp.oval:obj:20091007002"/>
      <state state_ref="oval:com.hp.temp.oval:ste:20091007001"/>
    </swlist_test>
    <swlist_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" check_existence="at_least_one_exists" comment="RBAC.RBAC-WEB version is less than B.11.23.06" check="at least one" version="1" id="oval:com.hp.temp.oval:tst:20091007006">
      <object object_ref="oval:com.hp.temp.oval:obj:20091007004"/>
      <state state_ref="oval:com.hp.temp.oval:ste:20091007001"/>
    </swlist_test>
    <!-- Release tests: ids are in the org.mitre.oval namespace but are defined inline here. Both share one uname object and differ only in the os_release state. -->
    <uname_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" id="oval:org.mitre.oval:tst:3901" version="1" comment="HP Release B.11.23" check_existence="at_least_one_exists" check="all">
      <object object_ref="oval:org.mitre.oval:obj:2759"/>
      <state state_ref="oval:org.mitre.oval:ste:3324"/>
    </uname_test>
    <uname_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" id="oval:org.mitre.oval:tst:8260" version="1" comment="HP-UX B.11.31" check_existence="at_least_one_exists" check="all">
      <object object_ref="oval:org.mitre.oval:obj:2759"/>
      <state state_ref="oval:org.mitre.oval:ste:3363"/>
    </uname_test>
  </tests>
  <objects>
    <!-- One swlist object per RBAC fileset named in the criteria comments. -->
    <swlist_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.temp.oval:obj:20091007001">
      <swlist>RBAC.RBAC-CONF</swlist>
    </swlist_object>
    <swlist_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.temp.oval:obj:20091007002">
      <swlist>RBAC.RBAC-RUN</swlist>
    </swlist_object>
    <!--
      swtype PH, area_patched CO and patch_base 40131 together spell the patch
      name PHCO_40131 used in the test comment. supersedence="true" presumably
      lets a patch that supersedes PHCO_40131 satisfy the object as well.
      Confirm against the hpux schema documentation.
    -->
    <patch53_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.temp.oval:obj:20091007003">
      <behaviors supersedence="true"/>
      <swtype>PH</swtype>
      <area_patched>CO</area_patched>
      <patch_base>40131</patch_base>
    </patch53_object>
    <swlist_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.temp.oval:obj:20091007004">
      <swlist>RBAC.RBAC-WEB</swlist>
    </swlist_object>
    <uname_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" id="oval:org.mitre.oval:obj:2759" version="1" comment="The single uname object."/>
  </objects>
  <states>
    <!-- Shared by the three B.11.23 revision tests: matches a fileset revision lower than B.11.23.06. -->
    <swlist_state xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" version="1" id="oval:com.hp.temp.oval:ste:20091007001">
      <version operation="less than" datatype="fileset_revision">B.11.23.06</version>
    </swlist_state>
    <!-- os_release values that select the B.11.23 and B.11.31 branches. -->
    <uname_state xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" id="oval:org.mitre.oval:ste:3324" version="1">
      <os_release>B.11.23</os_release>
    </uname_state>
    <uname_state xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" id="oval:org.mitre.oval:ste:3363" version="1">
      <os_release>B.11.31</os_release>
    </uname_state>
  </states>
</oval_definitions>
|
Lah, Mike M.
Pai,

Thank you for the new definition. The OVAL Repository has now been updated to include this definition for further community review.

Mike

From: Peng, Pai [mailto:[hidden email]]

Attached is a OVAL definition to cover CVE-2009-2682 (HPSBUX02457).

Thanks, Pai

To unsubscribe, send an email message to [hidden email] with SIGNOFF OVAL-DISCUSSION-LIST in the BODY of the message. If you have difficulties, write to [hidden email].