modifications to definition 4730
|
|
Sudhir Gandhe
|
Some javascript/style in this post has been disabled (why?)
Attached is the update to definition 4730. -SG <?xml version="1.0" encoding="UTF-8"?> <oval_definitions xsi:schemaLocation="http://oval.mitre.org/XMLSchema/oval-definitions-5#oval-repository-metadata-schema oval-repository-metadata-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#windows windows-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#independent independent-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5 oval-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-common-5 oval-common-schema.xsd" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5"> <generator> <oval:product_name>The OVAL Repository</oval:product_name> <oval:schema_version>5.4</oval:schema_version> <oval:timestamp>2008-07-09T17:51:42.939-04:00</oval:timestamp> </generator> <definitions> <definition id="oval:org.mitre.oval:def:4730" version="0" class="vulnerability"> <metadata> <title>Bluetooth Vulnerability</title> <affected family="windows"> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Vista</platform> </affected> <reference source="CVE" ref_id="CVE-2008-1453" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1453"/> <description>The Bluetooth stack in Microsoft Windows XP SP2 and SP3, and Vista Gold and SP1, allows physically proximate attackers to execute arbitrary code via a large series of Service Discovery Protocol (SDP) packets.</description> <oval_repository> <dates> <submitted date="2008-06-10T14:50:00"> <contributor organization="Secure Elements, Inc.">Sudhir Gandhe</contributor> </submitted> <status_change date="2008-06-12T13:58:47.926-04:00">DRAFT</status_change> <modified comment="Updates made for MS08-030 re-release." date="2008-06-20T15:20:00.778-04:00"> <contributor organization="Secure Elements, Inc.">Sudhir Gandhe</contributor> </modified> <status_change date="2008-07-07T04:00:18.094-04:00">INTERIM</status_change> <modified comment="Existence criteria removed for Vista as an update cannot be installed on vista if the drivers are not installed" date="2008-07-10T09:20:00.778-04:00"> <contributor organization="Secure Elements, Inc.">Sudhir Gandhe</contributor> </modified> </dates> <status>INTERIM</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND" comment="Windows XP Service Pack 2"> <extend_definition comment="Microsoft Windows XP (x86) SP2 is installed" definition_ref="oval:org.mitre.oval:def:754"/> <criteria operator="OR"> <criterion comment="the version of Bthport.sys is less than 5.1.2600.3389" test_ref="oval:org.mitre.oval:tst:7093"/> <criterion comment="Bthport.sys does not exist" test_ref="oval:org.mitre.oval:tst:7805"/> </criteria> </criteria> <criteria operator="AND" comment="Windows XP Service Pack 3"> <extend_definition comment="Microsoft Windows XP (x86) SP3 is installed" definition_ref="oval:org.mitre.oval:def:5631"/> <criteria operator="OR"> <criterion comment="Bthport.sys does not exist" test_ref="oval:org.mitre.oval:tst:7805"/> <criterion comment="the version of Bthport.sys is less than 5.1.2600.5620" test_ref="oval:org.mitre.oval:tst:8009"/> </criteria> </criteria> <criteria operator="AND" comment="Windows Vista Gold"> <extend_definition comment="Microsoft Windows Vista (32-bit) is installed" definition_ref="oval:org.mitre.oval:def:1282"/> <criterion comment="the version of Bthport.sys is less than 6.0.6000.16682" test_ref="oval:org.mitre.oval:tst:7845"/> </criteria> <criteria operator="AND" comment="Windows Vista Service Pack 1"> <extend_definition comment="Microsoft Windows Vista (32-bit) Service Pack 1 is installed" definition_ref="oval:org.mitre.oval:def:4873"/> <criterion comment="the version of Bthport.sys is less than 6.0.6001.18064" test_ref="oval:org.mitre.oval:tst:7491"/> </criteria> </criteria> </definition> <definition id="oval:org.mitre.oval:def:754" version="2" class="inventory"> <metadata> <title>Microsoft Windows XP (x86) SP2 is installed</title> <affected family="windows"> <platform>Microsoft Windows XP</platform> </affected> <reference source="CPE" ref_id="cpe:/o:microsoft:windows_xp::sp2:x86"/> <description>A version of Microsoft Windows XP (x86) Service Pack 2 is installed.</description> <oval_repository> <dates> <submitted date="2007-03-05T09:00:00"> <contributor organization="The MITRE Corporation">Andrew Buttner</contributor> </submitted> <status_change date="2007-03-05T09:00:00">DRAFT</status_change> <status_change date="2007-03-21T16:17:26.869-04:00">INTERIM</status_change> <status_change date="2007-04-10T13:44:28.583-04:00">ACCEPTED</status_change> <modified comment="Changed the CPE reference" date="2008-04-04T11:17:00.434-04:00"> <contributor organization="The MITRE Corporation">Andrew Buttner</contributor> </modified> <status_change date="2008-04-04T11:29:22.458-04:00">INTERIM</status_change> <status_change date="2008-04-21T04:00:24.359-04:00">ACCEPTED</status_change> </dates> <status>ACCEPTED</status> </oval_repository> </metadata> <criteria operator="AND"> <criterion comment="the installed operating system is part of the Microsoft Windows family" test_ref="oval:org.mitre.oval:tst:99"/> <criterion comment="a version of Microsoft Windows XP is installed" test_ref="oval:org.mitre.oval:tst:3"/> <criterion comment="a version of Windows for the x86 architecture is installed" test_ref="oval:org.mitre.oval:tst:3823"/> <criterion comment="Win2K/XP/2003 service pack 2 is installed" test_ref="oval:org.mitre.oval:tst:3019"/> </criteria> </definition> <definition id="oval:org.mitre.oval:def:5631" version="0" class="inventory"> <metadata> <title>Microsoft Windows XP (x86) SP3 is installed</title> <affected family="windows"> <platform>Microsoft Windows XP</platform> </affected> <reference source="CPE" ref_id="cpe:/o:microsoft:windows_xp::sp3:x86"/> <description>A version of Microsoft Windows XP (x86) Service Pack 3 is installed.</description> <oval_repository> <dates> <submitted date="2008-06-10T14:50:00"> <contributor organization="Secure Elements, Inc.">Sudhir Gandhe</contributor> </submitted> <status_change date="2008-06-12T13:58:47.155-04:00">DRAFT</status_change> <status_change date="2008-06-30T04:00:18.370-04:00">INTERIM</status_change> </dates> <status>INTERIM</status> </oval_repository> </metadata> <criteria operator="AND"> <criterion comment="the installed operating system is part of the Microsoft Windows family" test_ref="oval:org.mitre.oval:tst:99"/> <criterion comment="a version of Microsoft Windows XP is installed" test_ref="oval:org.mitre.oval:tst:3"/> <criterion comment="a version of Windows for the x86 architecture is installed" test_ref="oval:org.mitre.oval:tst:3823"/> <criterion comment="Win2K/XP/2003 service pack 3 is installed" test_ref="oval:org.mitre.oval:tst:7814"/> </criteria> </definition> <definition id="oval:org.mitre.oval:def:4873" version="1" class="inventory"> <metadata> <title>Microsoft Windows Vista (32-bit) Service Pack 1 is installed</title> <affected family="windows"> <platform>Microsoft Windows Vista</platform> </affected> <reference source="CPE" ref_id="cpe:/o:microsoft:windows_vista::sp1:x86"/> <description>The operating system installed on the system is Microsoft Windows Vista (32-bit) Service Pack 1</description> <oval_repository> <dates> <submitted date="2008-03-26T10:44:02"> <contributor organization="Secure Elements, Inc.">Sudhir Gandhe</contributor> </submitted> <status_change date="2008-03-26T16:27:29.495-04:00">DRAFT</status_change> <modified comment="Changed the CPE reference" date="2008-04-04T11:17:00.108-04:00"> <contributor organization="The MITRE Corporation">Andrew Buttner</contributor> </modified> <status_change date="2008-04-21T04:00:20.428-04:00">INTERIM</status_change> <status_change date="2008-05-12T04:00:14.497-04:00">ACCEPTED</status_change> </dates> <status>ACCEPTED</status> </oval_repository> </metadata> <criteria> <criterion comment="the installed operating system is part of the Microsoft Windows family" test_ref="oval:org.mitre.oval:tst:99"/> <criterion comment="Windows Vista is installed" test_ref="oval:org.mitre.oval:tst:7914"/> <criterion negate="true" comment="a version of Windows for the x64 architecture is installed" test_ref="oval:org.mitre.oval:tst:3653"/> <criterion comment="Win2K/XP/2003/Vista service pack 1 is installed" test_ref="oval:org.mitre.oval:tst:2843"/> </criteria> </definition> <definition id="oval:org.mitre.oval:def:1282" version="2" class="inventory"> <metadata> <title>Microsoft Windows Vista (32-bit) is installed</title> <affected family="windows"> <platform>Microsoft Windows Vista</platform> </affected> <reference source="CPE" ref_id="cpe:/o:microsoft:windows_vista:::x86"/> <description>The operating system installed on the system is Microsoft Windows Vista (32-bit)</description> <oval_repository> <dates> <submitted date="2007-04-11T11:27:37.975-04:00"> <contributor organization="The MITRE Corporation">Jonathan Baker</contributor> </submitted> <status_change date="2007-04-11T12:15:00.000-04:00">DRAFT</status_change> <status_change date="2007-04-30T08:18:46.566-04:00">INTERIM</status_change> <status_change date="2007-05-23T15:05:26.800-04:00">ACCEPTED</status_change> <modified comment="Vista test updated because of the conflictions with Server 2008" date="2008-03-26T10:51:02.210-04:00"> <contributor organization="Secure Elements, Inc.">Sudhir Gandhe</contributor> </modified> <status_change date="2008-03-31T04:00:20.410-04:00">INTERIM</status_change> <modified comment="Changed the CPE reference" date="2008-04-04T11:17:00.749-04:00"> <contributor organization="The MITRE Corporation">Andrew Buttner</contributor> </modified> <status_change date="2008-04-21T04:00:11.683-04:00">ACCEPTED</status_change> </dates> <status>ACCEPTED</status> </oval_repository> </metadata> <criteria> <criterion comment="the installed operating system is part of the Microsoft Windows family" test_ref="oval:org.mitre.oval:tst:99"/> <criterion comment="Windows Vista is installed" test_ref="oval:org.mitre.oval:tst:7914"/> <criterion negate="true" comment="a version of Windows for the x64 architecture is installed" test_ref="oval:org.mitre.oval:tst:3653"/> </criteria> </definition> </definitions> <tests> <registry_test id="oval:org.mitre.oval:tst:3019" version="1" comment="Win2K/XP/2003 service pack 2 is installed" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <object object_ref="oval:org.mitre.oval:obj:717"/> <state state_ref="oval:org.mitre.oval:ste:2827"/> </registry_test> <registry_test id="oval:org.mitre.oval:tst:7814" version="1" comment="Win2K/XP/2003 service pack 3 is installed" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <object object_ref="oval:org.mitre.oval:obj:717"/> <state state_ref="oval:org.mitre.oval:ste:3794"/> </registry_test> <registry_test id="oval:org.mitre.oval:tst:3823" version="1" comment="a version of Windows for the x86 architecture is installed" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <object object_ref="oval:org.mitre.oval:obj:1576"/> <state state_ref="oval:org.mitre.oval:ste:3649"/> </registry_test> <registry_test id="oval:org.mitre.oval:tst:3" version="1" comment="a version of Microsoft Windows XP is installed" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <object object_ref="oval:org.mitre.oval:obj:123"/> <state state_ref="oval:org.mitre.oval:ste:3"/> </registry_test> <registry_test id="oval:org.mitre.oval:tst:2843" version="1" comment="Win2K/XP/2003/Vista service pack 1 is installed" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <object object_ref="oval:org.mitre.oval:obj:717"/> <state state_ref="oval:org.mitre.oval:ste:2662"/> </registry_test> <family_test id="oval:org.mitre.oval:tst:99" version="1" comment="the installed operating system is part of the Microsoft Windows family" check_existence="at_least_one_exists" check="only one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent"> <object object_ref="oval:org.mitre.oval:obj:99"/> <state state_ref="oval:org.mitre.oval:ste:99"/> </family_test> <registry_test id="oval:org.mitre.oval:tst:7914" version="1" comment="Windows Vista is installed" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <object object_ref="oval:org.mitre.oval:obj:5590"/> <state state_ref="oval:org.mitre.oval:ste:3828"/> </registry_test> <registry_test id="oval:org.mitre.oval:tst:3653" version="2" comment="a version of Windows for the x64 architecture is installed" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <object object_ref="oval:org.mitre.oval:obj:1576"/> <state state_ref="oval:org.mitre.oval:ste:3180"/> </registry_test> <file_test id="oval:org.mitre.oval:tst:8009" version="1" comment="the version of Bthport.sys is less than 5.1.2600.5620" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <object object_ref="oval:org.mitre.oval:obj:5807"/> <state state_ref="oval:org.mitre.oval:ste:3991"/> </file_test> <file_test id="oval:org.mitre.oval:tst:7845" version="1" comment="the version of Bthport.sys is less than 6.0.6000.16682" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <object object_ref="oval:org.mitre.oval:obj:5807"/> <state state_ref="oval:org.mitre.oval:ste:3472"/> </file_test> <file_test id="oval:org.mitre.oval:tst:7805" version="1" comment="Bthport.sys does not exist" check_existence="none_exist" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <object object_ref="oval:org.mitre.oval:obj:5807"/> </file_test> <file_test id="oval:org.mitre.oval:tst:7491" version="1" comment="the version of Bthport.sys is less than 6.0.6001.18064" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <object object_ref="oval:org.mitre.oval:obj:5807"/> <state state_ref="oval:org.mitre.oval:ste:3969"/> </file_test> <file_test id="oval:org.mitre.oval:tst:7093" version="1" comment="the version of Bthport.sys is less than 5.1.2600.3389" check_existence="at_least_one_exists" check="all" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <object object_ref="oval:org.mitre.oval:obj:5807"/> <state state_ref="oval:org.mitre.oval:ste:3064"/> </file_test> </tests> <objects> <registry_object id="oval:org.mitre.oval:obj:123" version="1" comment="Registry key that hold the current windows os version" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <hive>HKEY_LOCAL_MACHINE</hive> <key>SOFTWARE\Microsoft\Windows NT\CurrentVersion</key> <name>CurrentVersion</name> </registry_object> <registry_object id="oval:org.mitre.oval:obj:717" version="1" comment="This registry key holds the service pack installed on the host if one is present." xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <hive>HKEY_LOCAL_MACHINE</hive> <key>SOFTWARE\Microsoft\Windows NT\CurrentVersion</key> <name>CSDVersion</name> </registry_object> <family_object id="oval:org.mitre.oval:obj:99" version="1" comment="This is the default family object. Only one family object should exist." xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent"/> <registry_object id="oval:org.mitre.oval:obj:5590" version="1" comment="This registry key ProductName" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <hive>HKEY_LOCAL_MACHINE</hive> <key>SOFTWARE\Microsoft\Windows NT\CurrentVersion</key> <name>ProductName</name> </registry_object> <registry_object id="oval:org.mitre.oval:obj:1576" version="1" comment="This registry key identifies the architecture on the system" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <hive>HKEY_LOCAL_MACHINE</hive> <key>SYSTEM\CurrentControlSet\Control\Session Manager\Environment</key> <name>PROCESSOR_ARCHITECTURE</name> </registry_object> <file_object id="oval:org.mitre.oval:obj:5807" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <path var_ref="oval:org.mitre.oval:var:201"/> <filename>bthport.sys</filename> </file_object> <registry_object id="oval:org.mitre.oval:obj:219" version="1" comment="This registry key identifies the system root." xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <hive>HKEY_LOCAL_MACHINE</hive> <key>SOFTWARE\Microsoft\Windows NT\CurrentVersion</key> <name>SystemRoot</name> </registry_object> </objects> <states> <registry_state id="oval:org.mitre.oval:ste:2827" version="1" comment="The registry key has a value of Service Pack 2" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <value>Service Pack 2</value> </registry_state> <registry_state id="oval:org.mitre.oval:ste:3794" version="1" comment="The registry key has a value of Service Pack 3" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <value>Service Pack 3</value> </registry_state> <registry_state id="oval:org.mitre.oval:ste:3649" version="1" comment="x86 architecture" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <value>x86</value> </registry_state> <registry_state id="oval:org.mitre.oval:ste:3" version="1" comment="The registry key has a value of 5.1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <value>5.1</value> </registry_state> <registry_state id="oval:org.mitre.oval:ste:2662" version="1" comment="The registry key has a value of Service Pack 1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <value>Service Pack 1</value> </registry_state> <family_state id="oval:org.mitre.oval:ste:99" version="1" comment="Microsoft Windows family" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent"> <family>windows</family> </family_state> <registry_state id="oval:org.mitre.oval:ste:3828" version="1" comment="The registry key matches with Vista" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <value operation="pattern match">.*[Vv]ista.*</value> </registry_state> <registry_state id="oval:org.mitre.oval:ste:3180" version="2" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <value>amd64</value> </registry_state> <file_state id="oval:org.mitre.oval:ste:3991" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <version datatype="version" operation="less than">5.1.2600.5620</version> </file_state> <file_state id="oval:org.mitre.oval:ste:3472" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <version datatype="version" operation="less than">6.0.6000.16682</version> </file_state> <file_state id="oval:org.mitre.oval:ste:3969" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <version datatype="version" operation="less than">6.0.6001.18064</version> </file_state> <file_state id="oval:org.mitre.oval:ste:3064" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <version datatype="version" operation="less than">5.1.2600.3389</version> </file_state> </states> <variables> <local_variable id="oval:org.mitre.oval:var:201" version="1" comment="Windows system 32 drivers directory" datatype="string"> <concat> <object_component item_field="value" object_ref="oval:org.mitre.oval:obj:219"/> <literal_component>\System32\drivers</literal_component> </concat> </local_variable> </variables> </oval_definitions> |
|||||||||||||||
Worrell, Bryan A.
|
Sudhir,
Thank you for your submission to the OVAL Repository. Your submission has been processed and is available for further community review via the OVAL Repository website. Thanks, Bryan Worrell __ Bryan Worrell The MITRE Corporation bworrell@... >-----Original Message----- >From: Sudhir Gandhe [mailto:sgandhe@...] >Sent: Thursday, July 10, 2008 9:34 AM >To: oval-discussion-list OVAL Discussion List/Closed Public Discussi >Subject: [OVAL-DISCUSSION-LIST] modifications to definition 4730 > >Attached is the update to definition 4730. > > > > > >-SG > >To unsubscribe, send an email message to LISTSERV@... with >SIGNOFF OVAL-DISCUSSION-LIST in the BODY of the message. If you have >difficulties, write to OVAL-DISCUSSION-LIST-request@.... To unsubscribe, send an email message to LISTSERV@... with SIGNOFF OVAL-DISCUSSION-LIST in the BODY of the message. If you have difficulties, write to OVAL-DISCUSSION-LIST-request@.... |
|||||||||||||||
| Free Forum Powered by Nabble | Forum Help |