duplicate criteria for Solaris 9 in def:4725
|
|
Dragos Prisaca
|
Some javascript/style in this post has been disabled (why?)
Hi, The definition 4725 has a duplicate criteria for Solaris 9.
It supposed to check the existence of 137017-02 patch on Solaris 10 (sparc). Please see the attached file with the corrected criteria for
Solaris 10. Regards, Dragos
Prisaca Secure
Elements, Inc. C5
Security Labs Phone: 703-709-2179 ######################################################################################## This email message and any
attachment to this email message is intended only for the use of the
addressee(s) named above. If the reader of this message is not the intended
recipient or the employee or agent responsible for delivering the message to
the intended recipient(s), please note that any distribution or copying of this
communication is strictly prohibited. If you have received
this email in error, please notify me immediately and delete this
message. Please note that if this email contains a forwarded message
or is a reply to a prior message, some or all of the contents of this message
or any attachments may not have been produced by the sender. <?xml version="1.0" encoding="UTF-8"?> <oval_definitions xsi:schemaLocation="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix unix-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5 oval-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#solaris solaris-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-common-5 oval-common-schema.xsd" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5"> <generator> <oval:product_name>The OVAL Repository</oval:product_name> <oval:schema_version>5.4</oval:schema_version> <oval:timestamp>2008-06-27T12:42:14.165-04:00</oval:timestamp> </generator> <definitions> <definition id="oval:org.mitre.oval:def:4725" version="0" class="vulnerability"> <metadata> <title>Security Vulnerability in the Solaris crontab(1) utility may allow execution of Arbitrary Code</title> <affected family="unix"> <platform>Sun Solaris 8</platform> <platform>Sun Solaris 9</platform> <platform>Sun Solaris 10</platform> </affected> <reference source="CVE" ref_id="CVE-2008-2538" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2538"/> <description>Unspecified vulnerability in crontab on Sun Solaris 8 through 10, and OpenSolaris before snv_93, allows local users to insert cron jobs into the crontab files of arbitrary users via unspecified vectors.</description> <oval_repository> <dates> <submitted date="2008-06-05T11:19:56.000-04:00"> <contributor organization="Hewlett-Packard">Nicholas Hansen</contributor> </submitted> <status_change date="2008-06-05T14:00:22.164-04:00">DRAFT</status_change> <status_change date="2008-06-23T04:00:11.562-04:00">INTERIM</status_change> </dates> <status>INTERIM</status> </oval_repository> </metadata> <criteria operator="OR" comment="Software Section"> <criteria operator="AND" comment="Solaris 8 (SPARC) meets Sun Alert 237864"> <extend_definition comment="Solaris 8 (SPARC) is installed" definition_ref="oval:org.mitre.oval:def:1539"/> <criterion negate="true" comment="Patch 109007-26 or later installed" test_ref="oval:org.mitre.oval:tst:7905"/> </criteria> <criteria operator="AND" comment="Solaris 9 (SPARC) meets Sun Alert 237864"> <extend_definition comment="Solaris 9 (SPARC) is installed" definition_ref="oval:org.mitre.oval:def:1457"/> <criterion negate="true" comment="Patch 122300-27 or later installed" test_ref="oval:org.mitre.oval:tst:7763"/> </criteria> <criteria operator="AND" comment="Solaris 10 (SPARC) meets Sun Alert 237864"> <extend_definition comment="Solaris 10 (SPARC) is installed" definition_ref="oval:org.mitre.oval:def:1440"/> <criterion negate="true" comment="Patch 137017-02 or later installed" test_ref="oval:org.mitre.oval:tst:8027"/> </criteria> <criteria operator="AND" comment="Solaris 8 (x86) meets Sun Alert 237864"> <extend_definition comment="Solaris 8 (x86) is installed" definition_ref="oval:org.mitre.oval:def:2059"/> <criterion negate="true" comment="Patch 109008-26 or later installed" test_ref="oval:org.mitre.oval:tst:7968"/> </criteria> <criteria operator="AND" comment="Solaris 9 (x86) meets Sun Alert 237864"> <extend_definition comment="Solaris 9 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1683"/> <criterion negate="true" comment="Patch 122301-27 or later installed" test_ref="oval:org.mitre.oval:tst:7797"/> </criteria> <criteria operator="AND" comment="Solaris 10 (x86) meets Sun Alert 237864"> <extend_definition comment="Solaris 10 (x86) is installed" definition_ref="oval:org.mitre.oval:def:1926"/> <criterion negate="true" comment="Patch 137018-02 or later installed" test_ref="oval:org.mitre.oval:tst:8019"/> </criteria> </criteria> </definition> <definitions> <definition id="oval:org.mitre.oval:def:1440" version="1" class="inventory"> <metadata> <title>Solaris 10 (SPARC) is installed</title> <affected family="unix"> <platform>Sun Solaris 10</platform> </affected> <reference source="CPE" ref_id="cpe:/o:sun:sunos:5.10::sparc"/> <description>The operating system installed on the system is Sun Solaris 10 for SPARC.</description> <oval_repository> <dates> <submitted date="2007-06-15T12:00:00.000-04:00"> <contributor organization="The MITRE Corporation">Jonathan Baker</contributor> </submitted> <status_change date="2007-06-15T12:20:00.000-04:00">DRAFT</status_change> <status_change date="2007-07-03T21:53:52.343-04:00">INTERIM</status_change> <status_change date="2007-07-18T15:57:49.640-04:00">ACCEPTED</status_change> </dates> <status>ACCEPTED</status> </oval_repository> </metadata> <criteria> <criterion comment="Solaris 10 Installed" test_ref="oval:org.mitre.oval:tst:3680"/> <criterion comment="sparc architecture" test_ref="oval:org.mitre.oval:tst:3237"/> </criteria> </definition> </definitions> <definition id="oval:org.mitre.oval:def:2059" version="1" class="inventory"> <metadata> <title>Solaris 8 (x86) is installed</title> <affected family="unix"> <platform>Sun Solaris 8</platform> </affected> <reference source="CPE" ref_id="cpe:/o:sun:sunos:5.8::ix86"/> <description>The operating system installed on the system is Sun Solaris 8 for x86.</description> <oval_repository> <dates> <submitted date="2007-06-22T08:00:00.000-04:00"> <contributor organization="The MITRE Corporation">Jonathan Baker</contributor> </submitted> <status_change date="2007-06-22T08:20:00.000-04:00">DRAFT</status_change> <status_change date="2007-07-10T21:08:51.544-04:00">INTERIM</status_change> <status_change date="2007-08-01T22:26:15.624-04:00">ACCEPTED</status_change> </dates> <status>ACCEPTED</status> </oval_repository> </metadata> <criteria> <criterion comment="Solaris 8 Installed" test_ref="oval:org.mitre.oval:tst:3437"/> <criterion comment="ix86 architecture" test_ref="oval:org.mitre.oval:tst:3912"/> </criteria> </definition> <definition id="oval:org.mitre.oval:def:1926" version="1" class="inventory"> <metadata> <title>Solaris 10 (x86) is installed</title> <affected family="unix"> <platform>Sun Solaris 10</platform> </affected> <reference source="CPE" ref_id="cpe:/o:sun:sunos:5.10::ix86"/> <description>The operating system installed on the system is Sun Solaris 10 for x86.</description> <oval_repository> <dates> <submitted date="2007-06-15T12:00:00.000-04:00"> <contributor organization="The MITRE Corporation">Jonathan Baker</contributor> </submitted> <status_change date="2007-06-15T12:20:00.000-04:00">DRAFT</status_change> <status_change date="2007-07-03T21:53:53.007-04:00">INTERIM</status_change> <status_change date="2007-07-18T15:57:51.357-04:00">ACCEPTED</status_change> </dates> <status>ACCEPTED</status> </oval_repository> </metadata> <criteria> <criterion comment="Solaris 10 Installed" test_ref="oval:org.mitre.oval:tst:3680"/> <criterion comment="ix86 architecture" test_ref="oval:org.mitre.oval:tst:3912"/> </criteria> </definition> <definition id="oval:org.mitre.oval:def:1683" version="1" class="inventory"> <metadata> <title>Solaris 9 (x86) is installed</title> <affected family="unix"> <platform>Sun Solaris 9</platform> </affected> <reference source="CPE" ref_id="cpe:/o:sun:sunos:5.9::ix86"/> <description>The operating system installed on the system is Sun Solaris 9 for x86.</description> <oval_repository> <dates> <submitted date="2007-06-22T08:00:00.000-04:00"> <contributor organization="The MITRE Corporation">Jonathan Baker</contributor> </submitted> <status_change date="2007-06-22T08:20:00.000-04:00">DRAFT</status_change> <status_change date="2007-07-10T21:08:49.960-04:00">INTERIM</status_change> <status_change date="2007-08-01T22:26:14.277-04:00">ACCEPTED</status_change> </dates> <status>ACCEPTED</status> </oval_repository> </metadata> <criteria> <criterion comment="Solaris 9 Installed" test_ref="oval:org.mitre.oval:tst:3172"/> <criterion comment="ix86 architecture" test_ref="oval:org.mitre.oval:tst:3912"/> </criteria> </definition> <definition id="oval:org.mitre.oval:def:1539" version="1" class="inventory"> <metadata> <title>Solaris 8 (SPARC) is installed</title> <affected family="unix"> <platform>Sun Solaris 8</platform> </affected> <reference source="CPE" ref_id="cpe:/o:sun:sunos:5.8::sparc"/> <description>The operating system installed on the system is Sun Solaris 8 for SPARC.</description> <oval_repository> <dates> <submitted date="2007-06-22T08:00:00.000-04:00"> <contributor organization="The MITRE Corporation">Jonathan Baker</contributor> </submitted> <status_change date="2007-06-22T08:20:00.000-04:00">DRAFT</status_change> <status_change date="2007-07-10T21:08:48.692-04:00">INTERIM</status_change> <status_change date="2007-08-01T22:26:14.211-04:00">ACCEPTED</status_change> </dates> <status>ACCEPTED</status> </oval_repository> </metadata> <criteria> <criterion comment="Solaris 8 Installed" test_ref="oval:org.mitre.oval:tst:3437"/> <criterion comment="sparc architecture" test_ref="oval:org.mitre.oval:tst:3237"/> </criteria> </definition> <definition id="oval:org.mitre.oval:def:1457" version="1" class="inventory"> <metadata> <title>Solaris 9 (SPARC) is installed</title> <affected family="unix"> <platform>Sun Solaris 9</platform> </affected> <reference source="CPE" ref_id="cpe:/o:sun:sunos:5.9::sparc"/> <description>The operating system installed on the system is Sun Solaris 9 for SPARC.</description> <oval_repository> <dates> <submitted date="2007-06-22T08:00:00.000-04:00"> <contributor organization="The MITRE Corporation">Jonathan Baker</contributor> </submitted> <status_change date="2007-06-22T08:20:00.000-04:00">DRAFT</status_change> <status_change date="2007-07-10T21:08:48.350-04:00">INTERIM</status_change> <status_change date="2007-08-01T22:26:14.151-04:00">ACCEPTED</status_change> </dates> <status>ACCEPTED</status> </oval_repository> </metadata> <criteria> <criterion comment="Solaris 9 Installed" test_ref="oval:org.mitre.oval:tst:3172"/> <criterion comment="sparc architecture" test_ref="oval:org.mitre.oval:tst:3237"/> </criteria> </definition> </definitions> <tests> <uname_test id="oval:org.mitre.oval:tst:3680" version="1" comment="Solaris 10 Installed" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix"> <object object_ref="oval:org.mitre.oval:obj:2759"/> <state state_ref="oval:org.mitre.oval:ste:3597"/> </uname_test> <uname_test id="oval:org.mitre.oval:tst:3912" version="1" comment="ix86 architecture" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix"> <object object_ref="oval:org.mitre.oval:obj:2759"/> <state state_ref="oval:org.mitre.oval:ste:3443"/> </uname_test> <uname_test id="oval:org.mitre.oval:tst:3437" version="1" comment="Solaris 8 Installed" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix"> <object object_ref="oval:org.mitre.oval:obj:2759"/> <state state_ref="oval:org.mitre.oval:ste:3700"/> </uname_test> <uname_test id="oval:org.mitre.oval:tst:3237" version="1" comment="sparc architecture" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix"> <object object_ref="oval:org.mitre.oval:obj:2759"/> <state state_ref="oval:org.mitre.oval:ste:3478"/> </uname_test> <uname_test id="oval:org.mitre.oval:tst:3172" version="1" comment="Solaris 9 Installed" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix"> <object object_ref="oval:org.mitre.oval:obj:2759"/> <state state_ref="oval:org.mitre.oval:ste:3891"/> </uname_test> <patch_test id="oval:org.mitre.oval:tst:8027" version="1" comment="Patch 137017-02 or later installed" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#solaris"> <object object_ref="oval:org.mitre.oval:obj:5543"/> <state state_ref="oval:org.mitre.oval:ste:3762"/> </patch_test> <patch_test id="oval:org.mitre.oval:tst:8019" version="1" comment="Patch 137018-02 or later installed" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#solaris"> <object object_ref="oval:org.mitre.oval:obj:5552"/> <state state_ref="oval:org.mitre.oval:ste:3762"/> </patch_test> <patch_test id="oval:org.mitre.oval:tst:7968" version="1" comment="Patch 109008-26 or later installed" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#solaris"> <object object_ref="oval:org.mitre.oval:obj:5474"/> <state state_ref="oval:org.mitre.oval:ste:3428"/> </patch_test> <patch_test id="oval:org.mitre.oval:tst:7905" version="1" comment="Patch 109007-26 or later installed" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#solaris"> <object object_ref="oval:org.mitre.oval:obj:5381"/> <state state_ref="oval:org.mitre.oval:ste:3428"/> </patch_test> <patch_test id="oval:org.mitre.oval:tst:7797" version="1" comment="Patch 122301-27 or later installed" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#solaris"> <object object_ref="oval:org.mitre.oval:obj:5626"/> <state state_ref="oval:org.mitre.oval:ste:3017"/> </patch_test> <patch_test id="oval:org.mitre.oval:tst:7763" version="1" comment="Patch 122300-27 or later installed" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#solaris"> <object object_ref="oval:org.mitre.oval:obj:5217"/> <state state_ref="oval:org.mitre.oval:ste:3017"/> </patch_test> </tests> <objects> <uname_object id="oval:org.mitre.oval:obj:2759" version="1" comment="The single uname object." xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix"/> <patch_object id="oval:org.mitre.oval:obj:5543" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#solaris"> <base datatype="int">137017</base> </patch_object> <patch_object id="oval:org.mitre.oval:obj:5552" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#solaris"> <base datatype="int">137018</base> </patch_object> <patch_object id="oval:org.mitre.oval:obj:5474" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#solaris"> <base datatype="int">109008</base> </patch_object> <patch_object id="oval:org.mitre.oval:obj:5381" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#solaris"> <base datatype="int">109007</base> </patch_object> <patch_object id="oval:org.mitre.oval:obj:5626" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#solaris"> <base datatype="int">122301</base> </patch_object> <patch_object id="oval:org.mitre.oval:obj:5217" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#solaris"> <base datatype="int">122300</base> </patch_object> </objects> <states> <uname_state id="oval:org.mitre.oval:ste:3597" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix"> <os_release>5.10</os_release> </uname_state> <uname_state id="oval:org.mitre.oval:ste:3443" version="1" comment="processor type is ix86" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix"> <processor_type operation="pattern match">^i.*86</processor_type> </uname_state> <uname_state id="oval:org.mitre.oval:ste:3700" version="1" comment="os release is 5.8" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix"> <os_release>5.8</os_release> </uname_state> <uname_state id="oval:org.mitre.oval:ste:3478" version="1" comment="processor type is SPARC" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix"> <processor_type operation="pattern match">[Ss][Pp][Aa][Rr][Cc]</processor_type> </uname_state> <uname_state id="oval:org.mitre.oval:ste:3891" version="1" comment="os release is 5.9" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix"> <os_release>5.9</os_release> </uname_state> <patch_state id="oval:org.mitre.oval:ste:3762" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#solaris"> <version operation="greater than or equal" datatype="int">02</version> </patch_state> <patch_state id="oval:org.mitre.oval:ste:3428" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#solaris"> <version operation="greater than or equal" datatype="int">26</version> </patch_state> <patch_state id="oval:org.mitre.oval:ste:3017" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#solaris"> <version operation="greater than or equal" datatype="int">27</version> </patch_state> </states> </oval_definitions> |
|||||||||||||||
Worrell, Bryan A.
|
Dragos,
Thank you for the updated definition. Your submission has been posted to the OVAL Repository for further community review. Thanks, Bryan Worrell __ Bryan Worrell The MITRE Corporation bworrell@... >-----Original Message----- >From: Dragos Prisaca [mailto:dprisaca@...] >Sent: Friday, June 27, 2008 12:54 PM >To: oval-discussion-list OVAL Discussion List/Closed Public Discussi >Subject: [OVAL-DISCUSSION-LIST] duplicate criteria for Solaris 9 in >def:4725 > >Hi, > > > >The definition 4725 has a duplicate criteria for Solaris 9. It >to check the existence of 137017-02 patch on Solaris 10 (sparc). > >Please see the attached file with the corrected criteria for Solaris 10. > > > >Regards, > >Dragos Prisaca > > > >Secure Elements, Inc. > >C5 Security Labs > >dprisaca@... <mailto:dprisaca@...> > >www.secure-elements.com <http://www.secure-elements.com> > >Phone: 703-709-2179 > > > >###################################################################### >################ > >This email message and any attachment to this email message is intended >only for the use of the addressee(s) named above. If the reader of this >message is not the intended recipient or the employee or agent >responsible for delivering the message to the intended recipient(s), >please note that any distribution or copying of this communication is >strictly prohibited. If you have received this email in error, please >notify me immediately and delete this message. Please note that if this >email contains a forwarded message or is a reply to a prior message, >some or all of the contents of this message or any attachments may not >have been produced by the sender. > > > >To unsubscribe, send an email message to LISTSERV@... with >SIGNOFF OVAL-DISCUSSION-LIST in the BODY of the message. If you have >difficulties, write to OVAL-DISCUSSION-LIST-request@.... To unsubscribe, send an email message to LISTSERV@... with SIGNOFF OVAL-DISCUSSION-LIST in the BODY of the message. If you have difficulties, write to OVAL-DISCUSSION-LIST-request@.... |
|||||||||||||||
| Free Forum Powered by Nabble | Forum Help |