Possible issues with Ovaldi and fileeffectiverights53

Tony W

In a version of Ovaldi downloaded (source) a short time ago, we are seeing failures in the following:

 

  1. Difference found true vs false on definition id=oval:gov.nist.fdcc.xp:def:144 --- Following caused by change of User Permissions on machine!!!
  2. Difference found true vs false on definition id=oval:gov.nist.fdcc.xp:def:145
  3. Difference found true vs false on definition id=oval:gov.nist.fdcc.xp:def:147
  4. Difference found true vs false on definition id=oval:gov.nist.fdcc.xp:def:146
  5. Difference found true vs false on definition id=oval:gov.nist.fdcc.xp:def:128
  6. Difference found true vs false on definition id=oval:gov.nist.fdcc.xp:def:129
  7. Difference found true vs false on definition id=oval:gov.nist.fdcc.xp:def:130
  8. Difference found true vs false on definition id=oval:gov.nist.fdcc.xp:def:131
  9. Difference found true vs false on definition id=oval:gov.nist.fdcc.xp:def:132
  10. Difference found true vs false on definition id=oval:gov.nist.fdcc.xp:def:133
  11. Difference found true vs false on definition id=oval:gov.nist.fdcc.xp:def:134
  12. Difference found true vs false on definition id=oval:gov.nist.fdcc.xp:def:135
  13. Difference found true vs false on definition id=oval:gov.nist.fdcc.xp:def:1351
  14. Difference found true vs false on definition id=oval:gov.nist.fdcc.xp:def:138
  15. Difference found true vs false on definition id=oval:gov.nist.fdcc.xp:def:139
  16. Difference found true vs false on definition id=oval:gov.nist.fdcc.xp:def:140
  17. Difference found true vs false on definition id=oval:gov.nist.fdcc.xp:def:148
  18. Difference found true vs false on definition id=oval:gov.nist.fdcc.xp:def:149
  19. Difference found true vs false on definition id=oval:gov.nist.fdcc.xp:def:150
  20. Difference found true vs false on definition id=oval:gov.nist.fdcc.xp:def:151
  21. Difference found true vs false on definition id=oval:gov.nist.fdcc.xp:def:152
  22. Difference found true vs false on definition id=oval:gov.nist.fdcc.xp:def:153
  23. Difference found true vs false on definition id=oval:gov.nist.fdcc.xp:def:154
  24. Difference found true vs false on definition id=oval:gov.nist.fdcc.xp:def:155

Are you guys aware of any issues? I have attached a copy of the definition file.

 

 


Tony Worwood
Sr. Software Engineer


Lumension Security Inc.


15880 N. Greenway-Hayden Loop, Suite 100 | Scottsdale, AZ 85260 | www.lumension.com

office : 801-802-1457
| mobile : XXX.XXX.XXXX | fax : XXX.XXX.XXXX
skype ID : tony.worwood.lumension
| email : xxxxx@...






<?xml version="1.0" encoding="UTF-8"?>
<oval_definitions xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5"
      xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5"
      xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5"
      xmlns:win-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"
      xmlns:ind-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent"
      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
      xsi:schemaLocation="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows http://oval.mitre.org/language/download/schema/version5.4/ovaldefinition/complete/windows-definitions-schema.xsd
      http://oval.mitre.org/XMLSchema/oval-definitions-5#independent http://oval.mitre.org/language/download/schema/version5.4/ovaldefinition/complete/independent-definitions-schema.xsd
      http://oval.mitre.org/XMLSchema/oval-definitions-5 http://oval.mitre.org/language/download/schema/version5.4/ovaldefinition/complete/oval-definitions-schema.xsd
      http://oval.mitre.org/XMLSchema/oval-common-5 http://oval.mitre.org/language/download/schema/version5.4/ovaldefinition/complete/oval-common-schema.xsd">
      <generator>
            <oval:product_name>National Institute of Standards and Technology</oval:product_name>
            <oval:schema_version>5.4</oval:schema_version>
            <oval:timestamp>2008-06-20T17:01:19.000-05:00</oval:timestamp>
      </generator>
      <!-- ==================================================================================================== -->
      <!-- ==========================================  DEFINITIONS  =========================================== -->
      <!-- ==================================================================================================== -->
      <definitions>
            <definition id="oval:gov.nist.fdcc.xp:def:23" version="1" class="compliance">
                  <metadata>
                        <title>Account Lockout Duration</title>
                        <affected family="windows">
                              <platform>Microsoft Windows XP</platform>
                        </affected>
                        <reference source="http://cce.mitre.org" ref_id="CCE-2928-0"/>
                        <reference source="cce.mitre.org/version/4" ref_id="CCE-980"/>
                        <description>This definition verifies that locked accounts remains locked for the defined number of minutes before they are automatically unlocked.</description>
                  </metadata>
                  <criteria>
                        <extend_definition comment="Microsoft Windows XP is installed" definition_ref="oval:gov.nist.fdcc.xp:def:2"/>
                        <criteria operator="OR">
                              <criterion comment="Account Lockout Duration is set to keep accounts locked for at least the defined number of minutes" test_ref="oval:gov.nist.fdcc.xp:tst:19"/>
                              <criterion comment="Account Lockout Duration is set to keep accounts locked until an administrator unlocks them" test_ref="oval:gov.nist.fdcc.xp:tst:1911"/>
                        </criteria>
                  </criteria>
            </definition>
            <definition id="oval:gov.nist.fdcc.xp:def:24" version="1" class="compliance">
                  <metadata>
                        <title>Account Lockout Threshold</title>
                        <affected family="windows">
                              <platform>Microsoft Windows XP</platform>
                        </affected>
                        <reference source="http://cce.mitre.org" ref_id="CCE-2986-8"/>
                        <reference source="cce.mitre.org/version/4" ref_id="CCE-658"/>
                        <description>Account lockout threshold is the profile defined number of invalid logon attempts</description>
                  </metadata>
                  <criteria>
                        <extend_definition comment="Microsoft Windows XP is installed" definition_ref="oval:gov.nist.fdcc.xp:def:2"/>
                        <criteria operator="AND">
                              <criterion comment="Account lockout threshold is profile defined number of invalid logon attempts" test_ref="oval:gov.nist.fdcc.xp:tst:20"/>
                              <criterion comment="Account lockout threshold is not 0" test_ref="oval:gov.nist.fdcc.xp:tst:425"/>
                        </criteria>
                  </criteria>
            </definition>
            <definition id="oval:gov.nist.fdcc.xp:def:26" version="1" class="compliance">
                  <metadata>
                        <title>Account Lockout Reset</title>
                        <affected family="windows">
                              <platform>Microsoft Windows XP</platform>
                        </affected>
                        <reference source="http://cce.mitre.org" ref_id="CCE-2466-1"/>
                        <reference source="cce.mitre.org/version/4" ref_id="CCE-733"/>
                        <description>Reset account lockout counters after the profile defined number of minutes</description>
                  </metadata>
                  <criteria>
                        <extend_definition comment="Microsoft Windows XP is installed" definition_ref="oval:gov.nist.fdcc.xp:def:2"/>
                        <criterion comment="Reset account lockout counters after profile defined number of minutes" test_ref="oval:gov.nist.fdcc.xp:tst:22"/>
                  </criteria>
            </definition>
            <definition id="oval:gov.nist.fdcc.xp:def:987651" version="1" class="compliance">
                  <metadata>
                        <title>Kerberos: Enforce user logon restrictions</title>
                        <affected family="windows">
                              <platform>Microsoft Windows XP</platform>
                        </affected>
                        <reference source="http://cce.mitre.org" ref_id="CCE-3188-0"/>
                        <reference source="cce.mitre.org/version/4" ref_id="CCE-227"/>
                        <description>todo</description>
                  </metadata>
                  <criteria operator="AND">
                        <extend_definition comment="Microsoft Windows XP is installed" definition_ref="oval:gov.nist.fdcc.xp:def:2"/>
                        <criterion test_ref="oval:gov.nist.fdcc.xp:tst:987651" comment="Kerberos: Enforce user logon restrictions"/>
                  </criteria>
            </definition>
            <definition id="oval:gov.nist.fdcc.xp:def:987652" version="1" class="compliance">
                  <metadata>
                        <title>Kerberos: Maximum lifetime for service ticket</title>
                        <affected family="windows">
                              <platform>Microsoft Windows XP</platform>
                        </affected>
                        <reference source="http://cce.mitre.org" ref_id="CCE-2708-6"/>
                        <reference source="cce.mitre.org/version/4" ref_id="CCE-6"/>
                        <description>todo</description>
                  </metadata>
                  <criteria operator="AND">
                        <extend_definition comment="Microsoft Windows XP is installed" definition_ref="oval:gov.nist.fdcc.xp:def:2"/>
                        <criterion test_ref="oval:gov.nist.fdcc.xp:tst:987652" comment="Kerberos: Maximum lifetime for service ticket"/>
                  </criteria>
            </definition>
            <definition id="oval:gov.nist.fdcc.xp:def:987653" version="1" class="compliance">
                  <metadata>
                        <title>Kerberos: Maximum lifetime for user ticket</title>
                        <affected family="windows">
                              <platform>Microsoft Windows XP</platform>
                        </affected>
                        <reference source="http://cce.mitre.org" ref_id="CCE-2803-5"/>
                        <reference source="cce.mitre.org/version/4" ref_id="CCE-37"/>
                        <description>todo</description>
                  </metadata>
                  <criteria operator="AND">
                        <extend_definition comment="Microsoft Windows XP is installed" definition_ref="oval:gov.nist.fdcc.xp:def:2"/>
                        <criterion test_ref="oval:gov.nist.fdcc.xp:tst:987653" comment="Kerberos: Maximum lifetime for user ticket"/>
                  </criteria>
            </definition>
            <definition id="oval:gov.nist.fdcc.xp:def:987654" version="1" class="compliance">
                  <metadata>
                        <title>Kerberos: Maximum lifetime for user ticket renewal</title>
                        <affected family="windows">
                              <platform>Microsoft Windows XP</platform>
                        </affected>
                        <reference source="http://cce.mitre.org" ref_id="CCE-3063-5"/>
                        <reference source="cce.mitre.org/version/4" ref_id="CCE-33"/>
                        <description>todo</description>
                  </metadata>
                  <criteria operator="AND">
                        <extend_definition comment="Microsoft Windows XP is installed" definition_ref="oval:gov.nist.fdcc.xp:def:2"/>
                        <criterion test_ref="oval:gov.nist.fdcc.xp:tst:987654" comment="Kerberos: Maximum lifetime for user ticket renewal"/>
                  </criteria>
            </definition>
            <definition id="oval:gov.nist.fdcc.xp:def:987655" version="1" class="compliance">
                  <metadata>
                        <title>Kerberos: Maximum tolerance for computer clock synchronization</title>
                        <affected family="windows">
                              <platform>Microsoft Windows XP</platform>
                        </affected>
                        <reference source="http://cce.mitre.org" ref_id="CCE-3208-6"/>
                        <reference source="cce.mitre.org/version/4" ref_id="CCE-588"/>
                        <description>todo</description>
                  </metadata>
                  <criteria operator="AND">
                        <extend_definition comment="Microsoft Windows XP is installed" definition_ref="oval:gov.nist.fdcc.xp:def:2"/>
                        <criterion test_ref="oval:gov.nist.fdcc.xp:tst:987655" comment="Kerberos: Maximum tolerance for computer clock synchronization"/>
                  </criteria>
            </definition>
            <definition id="oval:gov.nist.fdcc.xp:def:16" version="1" class="compliance">
                  <metadata>
                        <title>Password History Enforcement</title>
                        <affected family="windows">
                              <platform>Microsoft Windows XP</platform>
                        </affected>
                        <reference source="http://cce.mitre.org" ref_id="CCE-2994-2"/>
                        <reference source="cce.mitre.org/version/4" ref_id="CCE-60"/>
                        <description>Password history enforcement is enabled and the profile defined number of passwords are remembered</description>
                  </metadata>
                  <criteria>
                        <extend_definition comment="Microsoft Windows XP is installed" definition_ref="oval:gov.nist.fdcc.xp:def:2"/>
                        <criterion comment="Password history enforcement is enabled and profile defined number of passwords are remembered" test_ref="oval:gov.nist.fdcc.xp:tst:12"/>
                  </criteria>
            </definition>
            <definition id="oval:gov.nist.fdcc.xp:def:17" version="1" class="compliance">
                  <metadata>
                        <title>Maximum Password Age</title>
                        <affected family="windows">
                              <platform>Microsoft Windows XP</platform>
                        </affected>
                        <reference source="http://cce.mitre.org" ref_id="CCE-2920-7"/>
                        <reference source="cce.mitre.org/version/4" ref_id="CCE-871"/>
                        <description>Maximum password age is the profile defined number of days</description>
                  </metadata>
                  <criteria>
                        <extend_definition comment="Microsoft Windows XP is installed" definition_ref="oval:gov.nist.fdcc.xp:def:2"/>
                        <criterion comment="Maximum password age is profile defined" test_ref="oval:gov.nist.fdcc.xp:tst:13"/>
                        <criterion comment="Maximum password age not equal 0" test_ref="oval:gov.nist.fdcc.xp:tst:443"/>
                  </criteria>
            </definition>
            <definition id="oval:gov.nist.fdcc.xp:def:18" version="1" class="compliance">
                  <metadata>
                        <title>Minimum Password Age</title>
                        <affected family="windows">
                              <platform>Microsoft Windows XP</platform>
                        </affected>
                        <reference source="http://cce.mitre.org" ref_id="CCE-2439-8"/>
                        <reference source="cce.mitre.org/version/4" ref_id="CCE-324"/>
                        <description>Minimum password age is the profile defined number of days</description>
                  </metadata>
                  <criteria>
                        <extend_definition comment="Microsoft Windows XP is installed" definition_ref="oval:gov.nist.fdcc.xp:def:2"/>
                        <criterion comment="Minimum password age is profile defined number of days" test_ref="oval:gov.nist.fdcc.xp:tst:14"/>
                  </criteria>
            </definition>
            <definition id="oval:gov.nist.fdcc.xp:def:19" version="1" class="compliance">
                  <metadata>
                        <title>Minimum Password Length</title>
                        <affected family="windows">
                              <platform>Microsoft Windows XP</platform>
                        </affected>
                        <reference source="http://cce.mitre.org" ref_id="CCE-2981-9"/>
                        <reference source="cce.mitre.org/version/4" ref_id="CCE-100"/>
                        <description>Minimum password length is the profile defined number of characters</description>
                  </metadata>
                  <criteria>
                        <extend_definition comment="Microsoft Windows XP is installed" definition_ref="oval:gov.nist.fdcc.xp:def:2"/>
                        <criterion comment="Minimum password length is profile defined" test_ref="oval:gov.nist.fdcc.xp:tst:15"/>
                  </criteria>
            </definition>
            <definition id="oval:gov.nist.fdcc.xp:def:21" version="1" class="compliance">
                  <metadata>
                        <title>Password Complexity Requirements</title>
                        <affected family="windows">
                              <platform>Microsoft Windows XP</platform>
                        </affected>
                        <reference source="http://cce.mitre.org" ref_id="CCE-2735-9"/>
                        <reference source="cce.mitre.org/version/4" ref_id="CCE-633"/>
                        <description>Passwords must meet complexity requirements</description>
                  </metadata>
                  <criteria>
                        <extend_definition comment="Microsoft Windows XP is installed" definition_ref="oval:gov.nist.fdcc.xp:def:2"/>
                        <criterion comment="Passwords must meet complexity requirements" test_ref="oval:gov.nist.fdcc.xp:tst:17"/>
                  </criteria>
            </definition>
            <definition id="oval:gov.nist.fdcc.xp:def:22" version="1" class="compliance">
                  <metadata>
                        <title>Passwords Stored Using Reversible Encryption</title>
                        <affected family="windows">
                              <platform>Microsoft Windows XP</platform>
                        </affected>
                        <reference source="http://cce.mitre.org" ref_id="CCE-2889-4"/>
                        <reference source="cce.mitre.org/version/4" ref_id="CCE-479"/>
                        <description>Passwords must be stored using reversible encryption for all users in the domain</description>
                  </metadata>
                  <criteria>
                        <extend_definition comment="Microsoft Windows XP is installed" definition_ref="oval:gov.nist.fdcc.xp:def:2"/>
                        <criterion comment="Passwords must be stored using reversible encryption for all users in the domain" test_ref="oval:gov.nist.fdcc.xp:tst:18"/>
                  </criteria>
            </definition>
            <definition id="oval:gov.nist.fdcc.xp:def:197" version="1" class="compliance">
                  <metadata>
                        <title>Maximum Application Log Size</title>
                        <affected family="windows">
                              <platform>Microsoft Windows XP</platform>
                        </affected>
                        <reference source="http://cce.mitre.org" ref_id="CCE-2904-1"/>
                        <reference source="cce.mitre.org/version/4" ref_id="CCE-185"/>
                        <description>This definition tests the the maximum allowed size of the application log is at least as big as the supplied value.</description>
                  </metadata>
                  <criteria>
                        <extend_definition comment="Microsoft Windows XP is installed" definition_ref="oval:gov.nist.fdcc.xp:def:2"/>
                        <criterion comment="Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application!MaxSize has type REG_DWORD and a value greater than or equal to the defined number of KB" test_ref="oval:gov.nist.fdcc.xp:tst:365"/>
                  </criteria>
            </definition>
            <definition id="oval:gov.nist.fdcc.xp:def:198" version="1" class="compliance">
                  <metadata>
                        <title>Maximum Security Log Size</title>
                        <affected family="windows">
                              <platform>Microsoft Windows XP</platform>
                        </affected>
                        <reference source="http://cce.mitre.org" ref_id="CCE-2693-0"/>
                        <reference source="cce.mitre.org/version/4" ref_id="CCE-757"/>
                        <description>This definition tests the the maximum allowed size of the security log is at least as big as the supplied value.</description>
                  </metadata>
                  <criteria>
                        <extend_definition comment="Microsoft Windows XP is installed" definition_ref="oval:gov.nist.fdcc.xp:def:2"/>
                        <criterion comment="Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Security!MaxSize has type REG_DWORD and a value greater than or equal to the defined number of KB" test_ref="oval:gov.nist.fdcc.xp:tst:367"/>
                  </criteria>
            </definition>
            <definition id="oval:gov.nist.fdcc.xp:def:199" version="1" class="compliance">
                  <metadata>
                        <title>Maximum System Log Size</title>
                        <affected family="windows">
                              <platform>Microsoft Windows XP</platform>
                        </affected>
                        <reference source="http://cce.mitre.org" ref_id="CCE-3006-4"/>
                        <reference source="cce.mitre.org/version/4" ref_id="CCE-735"/>
                        <description>This definition tests the the maximum allowed size of the system log is at least as big as the supplied value.</description>
                  </metadata>
                  <criteria>
                        <extend_definition comment="Microsoft Windows XP is installed" definition_ref="oval:gov.nist.fdcc.xp:def:2"/>
                        <criterion comment="Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System!MaxSize has type REG_DWORD and a value greater than or equal to the defined number of KB" test_ref="oval:gov.nist.fdcc.xp:tst:369"/>
                  </criteria>
            </definition>
            <definition id="oval:gov.nist.fdcc.xp:def:200" version="1" class="compliance">
                  <metadata>
                        <title>Anonymous Access to Application Log</title>
                        <affected family="windows">
                              <platform>Microsoft Windows XP</platform>
                        </affected>
                        <reference source="http://cce.mitre.org" ref_id="CCE-2116-2"/>
                        <reference source="cce.mitre.org/version/4" ref_id="CCE-299"/>
                        <description>This definition tests to see if local guests group is allowed to or prevented from accessing application log based on the supplied value.</description>
                  </metadata>
                  <criteria>
                        <extend_definition comment="Microsoft Windows XP is installed" definition_ref="oval:gov.nist.fdcc.xp:def:2"/>
                        <criterion comment="Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application\\RestrictGuestAccess has type REG_DWORD" test_ref="oval:gov.nist.fdcc.xp:tst:370"/>
                        <criterion comment="Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application\\RestrictGuestAccess=1" test_ref="oval:gov.nist.fdcc.xp:tst:371"/>
                  </criteria>
            </definition>
            <definition id="oval:gov.nist.fdcc.xp:def:201" version="1" class="compliance">
                  <metadata>
                        <title>Anonymous Access to Security Log</title>
                        <affected family="windows">
                              <platform>Microsoft Windows XP</platform>
                        </affected>
                        <reference source="http://cce.mitre.org" ref_id="CCE-2794-6"/>
                        <reference source="cce.mitre.org/version/4" ref_id="CCE-462"/>
                        <description>This definition tests to see if local guests group is allowed to or prevented from accessing security log based on the supplied value.</description>
                  </metadata>
                  <criteria>
                        <extend_definition comment="Microsoft Windows XP is installed" definition_ref="oval:gov.nist.fdcc.xp:def:2"/>
                        <criterion comment="Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Security\\RestrictGuestAccess has type REG_DWORD" test_ref="oval:gov.nist.fdcc.xp:tst:372"/>
                        <criterion comment="Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Security\\RestrictGuestAccess=1" test_ref="oval:gov.nist.fdcc.xp:tst:373"/>
                  </criteria>
            </definition>
            <definition id="oval:gov.nist.fdcc.xp:def:202" version="1" class="compliance">
                  <metadata>
                        <title>Anonymous Access to System Log</title>
                        <affected family="windows">
                              <platform>Microsoft Windows XP</platform>
                        </affected>
                        <reference source="http://cce.mitre.org" ref_id="CCE-2345-7"/>
                        <reference source="cce.mitre.org/version/4" ref_id="CCE-726"/>
                        <description>This definition tests to see if local guests group is allowed to or prevented from accessing system log based on the supplied value.</description>
                  </metadata>
                  <criteria>
                        <extend_definition comment="Microsoft Windows XP is installed" definition_ref="oval:gov.nist.fdcc.xp:def:2"/>
                        <criterion comment="Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System\\RestrictGuestAccess has type REG_DWORD" test_ref="oval:gov.nist.fdcc.xp:tst:374"/>
                        <criterion comment="Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System\\RestrictGuestAccess=1" test_ref="oval:gov.nist.fdcc.xp:tst:375"/>
                  </criteria>
            </definition>
            <definition id="oval:gov.nist.fdcc.xp:def:203" version="1" class="compliance">
                  <metadata>
                        <title>Application Log Retention Method</title>
                        <affected family="windows">
                              <platform>Microsoft Windows XP</platform>
                        </affected>
                        <reference source="http://cce.mitre.org" ref_id="CCE-3014-8"/>
                        <reference source="cce.mitre.org/version/4" ref_id="CCE-285"/>
                        <description>This definition tests the retention method for the application log. Possible methods are - overwrite as necessary, do not overwrite, or overwrite events older than X seconds.</description>
                  </metadata>
                  <criteria>
                        <extend_definition comment="Microsoft Windows XP is installed" definition_ref="oval:gov.nist.fdcc.xp:def:2"/>
                        <criterion comment="Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application\\Retention has type REG_DWORD" test_ref="oval:gov.nist.fdcc.xp:tst:376"/>
                        <criterion comment="Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application\\Retention=profile defined" test_ref="oval:gov.nist.fdcc.xp:tst:377"/>
                  </criteria>
            </definition>
            <definition id="oval:gov.nist.fdcc.xp:def:204" version="1" class="compliance">
                  <metadata>
                        <title>Security Log Retention Method</title>
                        <affected family="windows">
                              <platform>Microsoft Windows XP</platform>
                        </affected>
                        <reference source="http://cce.mitre.org" ref_id="CCE-2336-6"/>
                        <reference source="cce.mitre.org/version/4" ref_id="CCE-523"/>
                        <description>Retention method for security log</description>
                  </metadata>
                  <criteria>
                        <extend_definition comment="Microsoft Windows XP is installed" definition_ref="oval:gov.nist.fdcc.xp:def:2"/>
                        <criterion comment="Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Security\\Retention has type REG_DWORD" test_ref="oval:gov.nist.fdcc.xp:tst:378"/>
                        <criterion comment="Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Security\\Retention=profile defined" test_ref="oval:gov.nist.fdcc.xp:tst:379"/>
                  </criteria>
            </definition>
            <definition id="oval:gov.nist.fdcc.xp:def:205" version="1" class="compliance">
                  <metadata>
                        <title>System Log Retention Method</title>
                        <affected family="windows">
                              <platform>Microsoft Windows XP</platform>
                        </affected>
                        <reference source="http://cce.mitre.org" ref_id="CCE-2777-1"/>
                        <reference source="cce.mitre.org/version/4" ref_id="CCE-664"/>
                        <description>Retention method for system log</description>
                  </metadata>
                  <criteria>
                        <extend_definition comment="Microsoft Windows XP is installed" definition_ref="oval:gov.nist.fdcc.xp:def:2"/>
                        <criterion comment="Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System\\Retention has type REG_DWORD" test_ref="oval:gov.nist.fdcc.xp:tst:380"/>
                        <criterion comment="Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System\\Retention=profile defined" test_ref="oval:gov.nist.fdcc.xp:tst:381"/>
                  </criteria>
            </definition>
            <definition id="oval:gov.nist.fdcc.xp:def:144" version="1" class="compliance">
                  <metadata>
                        <title>Administrators and System User Have Full Access to the SYSTEMROOT/system32/rcp.exe File</title>
                        <affected family="windows">
                              <platform>Microsoft Windows XP</platform>
                        </affected>
                        <reference source="http://cce.mitre.org" ref_id="CCE-2784-7"/>
                        <reference source="cce.mitre.org/version/4" ref_id="CCE-997"/>
                        <description>The Administrators group and the System user should have full access to the SYSTEMROOT/system32/rcp.exe file and all other users should have no file access privileges</description>
                  </metadata>
                  <criteria>
                        <extend_definition comment="Microsoft Windows XP is installed" definition_ref="oval:gov.nist.fdcc.xp:def:2"/>
                        <criteria operator="AND">
                              <criterion comment="The Administrators group is granted full access to the file rcp.exe" test_ref="oval:gov.nist.fdcc.xp:tst:242"/>
                              <criterion comment="The System user is granted full access to the file rcp.exe" test_ref="oval:gov.nist.fdcc.xp:tst:243"/>
                              <criterion comment="There are no access privileges to file rcp.exe by users not part of the Administrators group or the System user" test_ref="oval:gov.nist.fdcc.xp:tst:244"/>
                        </criteria>
                  </criteria>
            </definition>
            <definition id="oval:gov.nist.fdcc.xp:def:145" version="1" class="compliance">
                  <metadata>
                        <title>Administrators and System User Have Full Access to the SYSTEMROOT/system32/reg.exe File</title>
                        <affected family="windows">
                              <platform>Microsoft Windows XP</platform>
                        </affected>
                        <reference source="http://cce.mitre.org" ref_id="CCE-2220-2"/>
                        <reference source="cce.mitre.org/version/4" ref_id="CCE-547"/>
                        <description>The Administrators group and the System user should have full access to the SYSTEMROOT/system32/reg.exe file and all other users should have no file access privileges</description>
                  </metadata>
                  <criteria>
                        <extend_definition comment="Microsoft Windows XP is installed" definition_ref="oval:gov.nist.fdcc.xp:def:2"/>
                        <criteria operator="AND">
                              <criterion comment="The Administrators group is granted full access to the file reg.exe" test_ref="oval:gov.nist.fdcc.xp:tst:245"/>
                              <criterion comment="The System user is granted full access to the file reg.exe" test_ref="oval:gov.nist.fdcc.xp:tst:246"/>
                              <criterion comment="There are no access privileges to file reg.exe by users not part of the Administrators group or the System user" test_ref="oval:gov.nist.fdcc.xp:tst:247"/>
                        </criteria>
                  </criteria>
            </definition>
            <definition id="oval:gov.nist.fdcc.xp:def:146" version="1" class="compliance">
                  <metadata>
                        <title>Administrators and System User Have Full Access to the SYSTEMROOT/regedit.exe File</title>
                        <affected family="windows">
                              <platform>Microsoft Windows XP</platform>
                        </affected>
                        <reference source="http://cce.mitre.org" ref_id="CCE-2175-8"/>
                        <reference source="cce.mitre.org/version/4" ref_id="CCE-795"/>
                        <description>The Administrators group and the System user should have full access to the SYSTEMROOT/regedit.exe file and all other users should have no file access privileges</description>
                  </metadata>
                  <criteria>
                        <extend_definition comment="Microsoft Windows XP is installed" definition_ref="oval:gov.nist.fdcc.xp:def:2"/>
                        <criteria operator="AND">
                              <criterion comment="The Administrators group is granted full access to the file regedit.exe" test_ref="oval:gov.nist.fdcc.xp:tst:248"/>
                              <criterion comment="The System user is granted full access to the file regedit.exe" test_ref="oval:gov.nist.fdcc.xp:tst:249"/>
                              <criterion comment="There are no access privileges to file regedit.exe by users not part of the Administrators group or the System user" test_ref="oval:gov.nist.fdcc.xp:tst:250"/>
                        </criteria>
                  </criteria>
            </definition>
            <definition id="oval:gov.nist.fdcc.xp:def:147" version="1" class="compliance">
                  <metadata>
                        <title>Administrators and System User Have Full Access to the SYSTEMROOT/system32/regedt32.exe File</title>
                        <affected family="windows">
                              <platform>Microsoft Windows XP</platform>
                        </affected>
                        <reference source="http://cce.mitre.org" ref_id="CCE-2833-2"/>
                        <reference source="cce.mitre.org/version/4" ref_id="CCE-865"/>
                        <description>The Administrators group and the System user should have full access to the SYSTEMROOT/system32/regedt32.exe file and all other users should have no file access privileges</description>
                  </metadata>
                  <criteria>
                        <extend_definition comment="Microsoft Windows XP is installed" definition_ref="oval:gov.nist.fdcc.xp:def:2"/>
                        <criteria operator="AND">
                              <criterion comment="The Administrators group is granted full access to the file regedt32.exe" test_ref="oval:gov.nist.fdcc.xp:tst:251"/>
                              <criterion comment="The System user is granted full access to the file regedt32.exe" test_ref="oval:gov.nist.fdcc.xp:tst:252"/>
                              <criterion comment="There are no access privileges to file regedt32.exe by users not part of the Administrators group or the System user" test_ref="oval:gov.nist.fdcc.xp:tst:253"/>
                        </criteria>
                  </criteria>
            </definition>
            <definition id="oval:gov.nist.fdcc.xp:def:128" version="1" class="compliance">
                  <metadata>
                        <title>Administrators and System User Have Full Access to the SYSTEMROOT/system32/arp.exe File</title>
                        <affected family="windows">
                              <platform>Microsoft Windows XP</platform>
                        </affected>
                        <reference source="http://cce.mitre.org" ref_id="CCE-2052-9"/>
                        <reference source="cce.mitre.org/version/4" ref_id="CCE-600"/>
                        <description>The Administrators group and the System user should have full access to the SYSTEMROOT/system32/arp.exe file and all other users should have no file access privileges</description>
                  </metadata>
                  <criteria>
                        <extend_definition comment="Microsoft Windows XP is installed" definition_ref="oval:gov.nist.fdcc.xp:def:2"/>
                        <criteria operator="AND">
                              <criterion comment="The Administrators group is granted full access to the file arp.exe" test_ref="oval:gov.nist.fdcc.xp:tst:193"/>
                              <criterion comment="The System user is granted full access to the file arp.exe" test_ref="oval:gov.nist.fdcc.xp:tst:194"/>
                              <criterion comment="There are no access privileges to file arp.exe by users not part of the Administrators group or the System user" test_ref="oval:gov.nist.fdcc.xp:tst:195"/>
                        </criteria>
                  </criteria>
            </definition>
            <definition id="oval:gov.nist.fdcc.xp:def:129" version="1" class="compliance">
                  <metadata>
                        <title>Administrators and System User Have Full Access to the SYSTEMROOT/system32/at.exe File</title>
                        <affected family="windows">
                              <platform>Microsoft Windows XP</platform>
                        </affected>
                        <reference source="http://cce.mitre.org" ref_id="CCE-2184-0"/>
                        <reference source="cce.mitre.org/version/4" ref_id="CCE-393"/>
                        <description>The Administrators group and the System user should have full access to the SYSTEMROOT/system32/at.exe file and all other users should have no file access privileges</description>
                  </metadata>
                  <criteria>
                        <extend_definition comment="Microsoft Windows XP is installed" definition_ref="oval:gov.nist.fdcc.xp:def:2"/>
                        <criteria operator="AND">
                              <criterion comment="The Administrators group is granted full access to the file at.exe" test_ref="oval:gov.nist.fdcc.xp:tst:196"/>
                              <criterion comment="The System user is granted full access to the file at.exe" test_ref="oval:gov.nist.fdcc.xp:tst:197"/>
                              <criterion comment="There are no access privileges to file at.exe by users not part of the Administrators group or the System user" test_ref="oval:gov.nist.fdcc.xp:tst:198"/>
                        </criteria>
                  </criteria>
            </definition>
            <definition id="oval:gov.nist.fdcc.xp:def:130" version="1" class="compliance">
                  <metadata>
                        <title>Administrators and System User Have Full Access to the SYSTEMROOT/system32/attrib.exe File and Users have read and execute permissions</title>
                        <affected family="windows">
                              <platform>Microsoft Windows XP</platform>
                        </affected>
                        <reference source="http://cce.mitre.org" ref_id="CCE-2312-7"/>
                        <reference source="cce.mitre.org/version/4" ref_id="CCE-166"/>
                        <description>The Administrators group and the System user should have full access to the SYSTEMROOT/system32/attrib.exe file and Users have read and execute permissions</description>
                  </metadata>
                  <criteria>
                        <extend_definition comment="Microsoft Windows XP is installed" definition_ref="oval:gov.nist.fdcc.xp:def:2"/>
                        <criteria operator="AND">
                              <criterion comment="The Administrators group is granted full access to the file attrib.exe" test_ref="oval:gov.nist.fdcc.xp:tst:199"/>
                              <criterion comment="The System user is granted full access to the file attrib.exe" test_ref="oval:gov.nist.fdcc.xp:tst:200"/>
                              <criterion comment="There are no access privileges to file attrib.exe by users not part of the Administrators group or the System user" test_ref="oval:gov.nist.fdcc.xp:tst:201"/>
                        </criteria>
                  </criteria>
            </definition>
            <definition id="oval:gov.nist.fdcc.xp:def:131" version="1" class="compliance">
                  <metadata>
                        <title>Administrators and System User Have Full Access to the SYSTEMROOT/system32/cacls.exe File</title>
                        <affected family="windows">
                              <platform>Microsoft Windows XP</platform>
                        </affected>
                        <reference source="http://cce.mitre.org" ref_id="CCE-2726-8"/>
                        <reference source="cce.mitre.org/version/4" ref_id="CCE-977"/>
                        <description>The Administrators group and the System user should have full access to the SYSTEMROOT/system32/cacls.exe file and all other users should have no file access privileges</description>
                  </metadata>
                  <criteria>
                        <extend_definition comment="Microsoft Windows XP is installed" definition_ref="oval:gov.nist.fdcc.xp:def:2"/>
                        <criteria operator="AND">
                              <criterion comment="The Administrators group is granted full access to the file cacls.exe" test_ref="oval:gov.nist.fdcc.xp:tst:202"/>
                              <criterion comment="The System user is granted full access to the file cacls.exe" test_ref="oval:gov.nist.fdcc.xp:tst:203"/>
                              <criterion comment="There are no access privileges to file cacls.exe by users not part of the Administrators group or the System user" test_ref="oval:gov.nist.fdcc.xp:tst:204"/>
                        </criteria>
                  </criteria>
            </definition>
            <definition id="oval:gov.nist.fdcc.xp:def:132" version="1" class="compliance">
                  <metadata>
                        <title>Administrators and System User Have Full Access to the SYSTEMROOT/system32/debug.exe File</title>
                        <affected family="windows">
                              <platform>Microsoft Windows XP</platform>
                        </affected>
                        <reference source="http://cce.mitre.org" ref_id="CCE-2699-7"/>
                        <reference source="cce.mitre.org/version/4" ref_id="CCE-201"/>
                        <description>The Administrators group and the System user should have full access to the SYSTEMROOT/system32/debug.exe file and all other users should have no file access privileges</description>
                  </metadata>
                  <criteria>
                        <extend_definition comment="Microsoft Windows XP is installed" definition_ref="oval:gov.nist.fdcc.xp:def:2"/>
                        <criteria operator="AND">
                              <criterion comment="The Administrators group is granted full access to the file debug.exe" test_ref="oval:gov.nist.fdcc.xp:tst:205"/>
                              <criterion comment="The System user is granted full access to the file debug.exe" test_ref="oval:gov.nist.fdcc.xp:tst:206"/>
                              <criterion comment="There are no access privileges to file debug.exe by users not part of the Administrators group or the System user" test_ref="oval:gov.nist.fdcc.xp:tst:207"/>
                        </criteria>
                  </criteria>
            </definition>
            <definition id="oval:gov.nist.fdcc.xp:def:133" version="1" class="compliance">
                  <metadata>
                        <title>Administrators and System User Have Full Access to the SYSTEMROOT/system32/edlin.exe File</title>
                        <affected family="windows">
                              <platform>Microsoft Windows XP</platform>
                        </affected>
                        <reference source="http://cce.mitre.org" ref_id="CCE-1909-1"/>
                        <reference source="cce.mitre.org/version/4" ref_id="CCE-20"/>
                        <description>The Administrators group and the System user should have full access to the SYSTEMROOT/system32/edlin.exe file and all other users should have no file access privileges</description>
                  </metadata>
                  <criteria>
                        <extend_definition comment="Microsoft Windows XP is installed" definition_ref="oval:gov.nist.fdcc.xp:def:2"/>
                        <criteria operator="AND">
                              <criterion comment="The Administrators group is granted full access to the file edlin.exe" test_ref="oval:gov.nist.fdcc.xp:tst:208"/>
                              <criterion comment="The System user is granted full access to the file edlin.exe" test_ref="oval:gov.nist.fdcc.xp:tst:209"/>
                              <criterion comment="There are no access privileges to file edlin.exe by users not part of the Administrators group or the System user" test_ref="oval:gov.nist.fdcc.xp:tst:210"/>
                        </criteria>
                  </criteria>
            </definition>
            <definition id="oval:gov.nist.fdcc.xp:def:134" version="1" class="compliance">
                  <metadata>
                        <title>Administrators and System User Have Full Access to the SYSTEMROOT/system32/eventcreate.exe File</title>
                        <affected family="windows">
                              <platform>Microsoft Windows XP</platform>
                        </affected>
                        <reference source="http://cce.mitre.org" ref_id="CCE-2145-1"/>
                        <reference source="cce.mitre.org/version/4" ref_id="CCE-489"/>
                        <description>The Administrators group and the System user should have full access to the SYSTEMROOT/system32/eventcreate.exe file and all other users should have no file access privileges</description>
                  </metadata>
                  <criteria>
                        <extend_definition comment="Microsoft Windows XP is installed" definition_ref="oval:gov.nist.fdcc.xp:def:2"/>
                        <criteria operator="AND">
                              <criterion comment="The Administrators group is granted full access to the file eventcreate.exe" test_ref="oval:gov.nist.fdcc.xp:tst:211"/>
                              <criterion comment="The System user is granted full access to the file eventcreate.exe" test_ref="oval:gov.nist.fdcc.xp:tst:212"/>
                              <criterion comment="There are no access privileges to file eventcreate.exe by users not part of the Administrators group or the System user" test_ref="oval:gov.nist.fdcc.xp:tst:213"/>
                        </criteria>
                  </criteria>
            </definition>
            <definition id="oval:gov.nist.fdcc.xp:def:135" version="1" class="compliance">
                  <metadata>
                        <title>Administrators and System User Have Full Access to the SYSTEMROOT/system32/eventtriggers.exe file</title>
                        <affected family="windows">
                              <platform>Microsoft Windows XP</platform>
                        </affected>
                        <reference source="http://cce.mitre.org" ref_id="CCE-2436-4"/>
                        <reference source="cce.mitre.org/version/4" ref_id="CCE-917"/>
                        <description>The Administrators group and the System user should have full access to the SYSTEMROOT/system32/eventtriggers.exe file and all other users should have no file access privileges</description>
                  </metadata>
                  <criteria>
                        <extend_definition comment="Microsoft Windows XP is installed" definition_ref="oval:gov.nist.fdcc.xp:def:2"/>
                        <criteria operator="AND">
                              <criterion comment="The Administrators group is granted full access to the file eventtriggers.exe" test_ref="oval:gov.nist.fdcc.xp:tst:214"/>
                              <criterion comment="The System user is granted full access to the file eventtriggers.exe" test_ref="oval:gov.nist.fdcc.xp:tst:215"/>
                              <criterion comment="There are no access privileges to file eventtriggers.exe by users not part of the Administrators group or the System user" test_ref="oval:gov.nist.fdcc.xp:tst:216"/>
                        </criteria>
                  </criteria>
            </definition>
            <definition id="oval:gov.nist.fdcc.xp:def:1351" version="1" class="compliance">
                  <metadata>
                        <title>Administrators and System User Have Full access and Users have Read access to the SYSTEMROOT/system32/mshta.exe file</title>
                        <affected family="windows">
                              <platform>Microsoft Windows XP</platform>
                        </affected>
                        <reference source="http://cce.mitre.org" ref_id="CCE-4952-8"/>
                        <reference source="cce.mitre.org/version/4" ref_id="CCE-1225"/>
                        <description>The Administrators group and the System user should have full access and the Users group has read access to the SYSTEMROOT/system32/mshta.exe file and all other users should have no file access privileges</description>
                  </metadata>
                  <criteria>
                        <extend_definition comment="Microsoft Windows XP is installed" definition_ref="oval:gov.nist.fdcc.xp:def:2"/>
                        <criteria operator="AND">
                              <criterion comment="The Administrators group is granted full access to the file mshta.exe" test_ref="oval:gov.nist.fdcc.xp:tst:2141"/>
                              <criterion comment="The System user is granted full access to the file mshta.exe" test_ref="oval:gov.nist.fdcc.xp:tst:2151"/>
                              <criterion comment="The Users group is granted read access to the file mshta.exe" test_ref="oval:gov.nist.fdcc.xp:tst:2152"/>
                              <criterion comment="There are no access privileges to file mshta.exe by users not part of the Administrators group, Users group, or the System user" test_ref="oval:gov.nist.fdcc.xp:tst:2161"/>
                        </criteria>
                  </criteria>
            </definition>
            <definition id="oval:gov.nist.fdcc.xp:def:138" version="1" class="compliance">
                  <metadata>
                        <title>Administrators and System User Have Full Access to the SYSTEMROOT/system32/net.exe File</title>
                        <affected family="windows">
                              <platform>Microsoft Windows XP</platform>
                        </affected>
                        <reference source="http://cce.mitre.org" ref_id="CCE-2178-2"/>
                        <reference source="cce.mitre.org/version/4" ref_id="CCE-731"/>
                        <description>The Administrators group and the System user should have full access to the SYSTEMROOT/system32/net.exe file and all other users should have no file access privileges</description>
                  </metadata>
                  <criteria>
                        <extend_definition comment="Microsoft Windows XP is installed" definition_ref="oval:gov.nist.fdcc.xp:def:2"/>
                        <criteria operator="AND">
                              <criterion comment="The Administrators group is granted full access to the file net.exe" test_ref="oval:gov.nist.fdcc.xp:tst:223"/>
                              <criterion comment="The System user is granted full access to the file net.exe" test_ref="oval:gov.nist.fdcc.xp:tst:224"/>
                              <criterion comment="There are no access privileges to file net.exe by users not part of the Administrators group or the System user" test_ref="oval:gov.nist.fdcc.xp:tst:225"/>