HomeProductsSupportServicesTrainingPartnersCompanyContact     


assuriaONLINE Customer and Partner resources Logon / register
     

Subscribe via RSS

RSS 2.0

 assuria bulletin                                                               

 

 
 Title:                         Assuria   Assuria Auditor AutoUpdate #82 released

 Number:                   76          Date:   30th July 2008
 

   

Title.

Assuria Auditor AutoUpdate #82

 

Introduction

 

Assuria Auditor AutoUpdate #82 is a content update and minor functionality update.

 

The update is compatible with, and suitable for application to all Assuria Auditor agents.

 

 

Improved tabulation of vulnerability details

 

The html session reports (classic and expanding; sorted by risk level or standard) have already been enhanced to provide tabulated vulnerability details in some circumstances. This has now been enhanced to tabulate output for checks where the details reported is driven by the contents of the ruleset file.

 

 

Bug fixes

 

1. The functionality around obtaining the bind version from named on all UNIX platforms has been revamped.

 

2. Password default setting checks on UNIX have been changed to be more tolerant to inline comments.

 

3. The UNIX check ftp-wrapped has been modified so that it no longer produces false negatives under certain circumstances

 

 

Update details

 

This information is also held in a 'readme.txt' file in the Assuria Auditor Console's install directory.

 

Console update

 

    o Database update

 

    o Policy Navigators updated for

      - HP HP-UX 11 (PA-RISC)

      - HP HP-UX 11 (IA-64)

      - IBM AIX 4.3.3, 5.1, 5.2, 5.3

      - IBM AIX 6.1

      - Microsoft Windows 2000 (Server and Professional)

      - Microsoft Windows Server 2003

      - Microsoft Windows Server 2008

      - Novell SUSE Enterprise Linux 9 (x86)

      - Novell SUSE Enterprise Linux 10 (x86)

      - Red Hat Enterprise Linux 3, 4, 5

      - Sun Solaris 8

      - Sun Solaris 9

      - Sun Solaris 10 (SPARC)

      - Sun Solaris 10 (X86)

 

     o Updated files

      - bin/tcl/htmlexcp.tbc

      - bin/tcl/IndexedResults.tbc

      - bin/tcl/rep_utils.tbc

 

Agent updates

Updates are included for the following agents:

 

    o HP 11.00, 11.11, 11.23, 11.31 (PA-RISC)

    o HP 11.23, 11.31 (Itanium)

    o IBM AIX 4.3.3, 5.1, 5.2, 5.3

    o IBM AIX 6.1

    o Microsoft Windows 2000 (Server and Professional)

    o Microsoft Windows Server 2003

    o Novell SUSE Enterprise Linux 9 (x86)

    o Novell SUSE Enterprise Linux 10 (x86)

    o Red Hat Enterprise Linux 3, 4, 5

    o Sun Solaris 8

    o Sun Solaris 9

    o Sun Solaris 10 (SPARC)

 

HP 11.00, 11.11, 11.23, 11.31 (PA-RISC)

    o Updated Checks

      - bind-opt-rr-dos

      - bind-sig-rr-bo

      - ftp-wrapped

      - oo-defpwd-history

      - oo-defpwd-maxdays

      - oo-defpwd-mindays

      - oo-defpwd-mindigit

      - oo-defpwd-minlower

      - oo-defwpd-minspecial

      - oo-defwpd-minupper

      - oo-defwpd-passlength

      - oo-defwpd-warndays

      - user-12

 

    o Updated Files

      - bin/checker

      - bin/procs/tools.tcl

      - Configure.sh

 

    o Updated Patch Databases

      - bin/patch_HP-UX.data

      - bin/patch_HP-UX.ref

 

    o Updated Policies

      - Intial-1

      - Intial-All

      - Maintenance-1

      - Maintenance-All

      - sys-accs

 

    o Auto Update Files

      - rulesets/unarchivePolicy

      - signatures/rulesets/unarchivePolicy.sgn

      - lib/xpud3_82.zip

      - lib/xpud3_82.sgn

      - etc/update.ini

 

HP 11.23, 11.31 (Itanium)

    o Updated Checks

      - bind-opt-rr-dos

      - bind-sig-rr-bo

      - ftp-wrapped

      - oo-defpwd-history

      - oo-defpwd-maxdays

      - oo-defpwd-mindays

      - oo-defpwd-mindigit

      - oo-defpwd-minlower

      - oo-defwpd-minspecial

      - oo-defwpd-minupper

      - oo-defwpd-passlength

      - oo-defwpd-warndays

 

    o Updated Files

      - bin/procs/tools.tcl

 

    o Updated Patch Databases

      - bin/patch_HP-UX.data

      - bin/patch_HP-UX.ref

 

    o Auto Update Files

      - rulesets/unarchivePolicy

      - signatures/rulesets/unarchivePolicy.sgn

      - lib/xpud3_82.zip

      - lib/xpud3_82.sgn

      - etc/update.ini

 

IBM AIX 4.3.3, 5.1, 5.2, 5.3

    o New Checks

      - aix-20080221-Pegasus-CIM-Server-bo-fix

      - aix-IZ11243-fix

      - aix-IZ12745-fix

      - aix-IZ22346-fix

      - aix-IZ22347-fix

      - aix-IZ22368-fix

      - aix-IZ22369-fix

 

    o Updated Checks

      - aix-20080205-OpenSSH-trusted-cookie-fix

      - aix-IZ11820-fix

      - aix-IZ12794-fix

      - aix-IZ13418-fix

      - aix-IZ16992-fix

      - aix-IZ17111-fix

      - aix-IZ19911-fix

      - aix-IZ21481-fix

      - bind-opt-rr-dos

      - bind-sig-rr-bo

      - ftp-wrapped

 

    o Updated Files

      - bin/procs/tools.tcl

 

    o Updated Policies

      - aix-fixes

      - Initial-1

      - Initial-All

      - Maintenance-1

      - Maintenance-All

 

    o Auto Update Files

      - rulesets/unarchivePolicy

      - signatures/rulesets/unarchivePolicy.sgn

      - lib/xpud3_82.zip

      - lib/xpud3_82.sgn

      - etc/update.ini

 

IBM AIX 6.1

    o New Checks

      - aix-20080221-Pegasus-CIM-Server-bo-fix

      - aix-IZ22346-fix

      - aix-IZ22347-fix

      - aix-IZ22368-fix

      - aix-IZ22369-fix

 

    o Updated Checks

      - aix-20080205-OpenSSH-trusted-cookie-fix

      - aix-IZ11820-fix

      - aix-IZ12794-fix

      - aix-IZ13418-fix

      - aix-IZ16992-fix

      - aix-IZ17111-fix

      - aix-IZ19911-fix

      - aix-IZ21481-fix

      - aix-IZ22368-fix

      - aix-IZ22369-fix

      - bind-opt-rr-dos

      - bind-sig-rr-bo

      - ftp-wrapped

 

    o Updated Files

      - bin/procs/tools.tcl

 

    o Updated Policies

      - PatchChecks

 

    o Auto Update Files

      - rulesets/unarchivePolicy

      - signatures/rulesets/unarchivePolicy.sgn

      - lib/xpud3_82.zip

      - lib/xpud3_82.sgn

      - etc/update.ini

 

 

Microsoft Windows 2000 (Server and Professional)

    o New Checks

      - win-ms08kb941203-update

      - win-ms08kb950582-update

      - win-ms08kb953230-update

 

    o Updated Policies

      - Initial-1

      - Initial-All

      - Maintenance-1

      - Maintenance-All

      - VersionChecks

 

    o Auto Update Files

      - rulesets/unarchivePolicy

      - signatures/rulesets/unarchivePolicy.sgn

      - lib/xpud3_82.zip

      - lib/xpud3_82.sgn

      - etc/update.ini

 

Microsoft Windows Server 2003

    o New Checks

      - win-ms08kb941203-update

      - win-ms08kb950582-update

      - win-ms08kb953230-update

 

    o Updated Files

      - Tools.tcl

 

    o Updated Policies

      - Initial-1

      - Initial-All

      - Maintenance-1

      - Maintenance-All

      - VersionChecks

 

    o Auto Update Files

      - rulesets/unarchivePolicy

      - signatures/rulesets/unarchivePolicy.sgn

      - lib/xpud3_82.zip

      - lib/xpud3_82.sgn

      - etc/update.ini

 

Microsoft Windows Server 2008

    o New Checks

      - win-ms08kb941203-update

      - win-ms08kb950582-update

      - win-ms08kb953230-update

 

 

    o Updated Policies

      - PatchChecks

 

    o Auto Update Files

      - rulesets/unarchivePolicy

      - signatures/rulesets/unarchivePolicy.sgn

      - lib/xpud3_82.zip

      - lib/xpud3_82.sgn

      - etc/update.ini

Novell SUSE Enterprise Linux 9 (x86)

    o Updated checks

      - bind-opt-rr-dos

      - bind-sig-rr-bo

      - ftp-wrapped

      - SuSE-SA-2008-027

 

    o Updated Files

      - bin/procs/tools.tcl

 

    o Updated policies

      - Initial-1

      - Initial-All

      - Maintenance-1

      - Maintenance-All

      - ssa

 

    o Auto Update Files

      - rulesets/unarchivePolicy

      - signatures/rulesets/unarchivePolicy.sgn

      - lib/xpud3_82.zip

      - lib/xpud3_82.sgn

      - etc/update.ini

 

Novell SUSE Enterprise Linux 10 (x86)

    o Updated checks

      - bind-opt-rr-dos

      - bind-sig-rr-bo

      - ftp-wrapped

      - SuSE-SA-2008-027

 

    o Updated Files

      - bin/procs/tools.tcl

 

    o Updated policies

      - Initial-1

      - Initial-All

      - Maintenance-1

      - Maintenance-All

      - ssa

 

    o Auto Update Files

      - rulesets/unarchivePolicy

      - signatures/rulesets/unarchivePolicy.sgn

      - lib/xpud3_82.zip

      - lib/xpud3_82.sgn

      - etc/update.ini

 

Red Hat Enterprise Linux 3, 4, 5

    o New Checks

      - RHSA-2008-0497

      - RHSA-2008-0502

      - RHSA-2008-0503

      - RHSA-2008-0504

      - RHSA-2008-0508

      - RHSA-2008-0519

      - RHSA-2008-0522

      - RHSA-2008-0529

      - RHSA-2008-0537

      - RHSA-2008-0538

      - RHSA-2008-0547

      - RHSA-2008-0549

      - RHSA-2008-0556

      - RHSA-2008-0569

 

    o Updated Checks

      - bind-opt-rr-dos

      - bind-sig-rr-bo

      - firewall-disabled

      - ftp-wrapped

 

    o Updated Files

      - bin/procs/tools.tcl

 

    o Updated Policies

      - Initial-1

      - Initial-All

      - Maintenance-1

      - Maintenance-All

      - rhsa

 

    o Auto Update Files

      - rulesets/unarchivePolicy

      - signatures/rulesets/unarchivePolicy.sgn

      - lib/xpud3_82.zip

      - lib/xpud3_82.sgn

      - etc/update.ini

 

 

Sun Solaris 8

    o Updated Checks

      - bind-opt-rr-dos

      - bind-sig-rr-bo

      - ftp-wrapped

      - oo-defpwd-maxweeks

      - oo-defpwd-minweeks

      - oo-defpwd-passlength

      - oo-defpwd-warnweeks

 

    o Updated Files

      - bin/procs/tools.tcl

 

    o Updated Patch Databases

      - bin/patch_Solaris.data

      - bin/patch_Solaris.ref

 

    o Auto Update Files

      - rulesets/unarchivePolicy

      - signatures/rulesets/unarchivePolicy.sgn

      - lib/xpud3_82.zip

      - lib/xpud3_82.sgn

      - etc/update.ini

 

Sun Solaris 9

    o Updated Checks

      - bind-opt-rr-dos

      - bind-sig-rr-bo

      - ftp-wrapped

      - oo-defpwd-maxweeks

      - oo-defpwd-minweeks

      - oo-defpwd-passlength

      - oo-defpwd-warnweeks

 

    o Updated Files

      - bin/procs/tools.tcl

 

    o Updated Patch Databases

      - bin/patch_Solaris.data

      - bin/patch_Solaris.ref

 

    o Auto Update Files

      - rulesets/unarchivePolicy

      - signatures/rulesets/unarchivePolicy.sgn

      - lib/xpud3_82.zip

      - lib/xpud3_82.sgn

      - etc/update.ini

 

Sun Solaris 10 (SPARC)

    o Updated Checks

      - bind-opt-rr-dos

      - bind-sig-rr-bo

      - ftp-wrapped

      - oo-defpwd-dictiondbdir

      - oo-defpwd-dictionlist

      - oo-defpwd-history

      - oo-defpwd-maxrepeats

      - oo-defpwd-maxweeks

      - oo-defpwd-minalpha

      - oo-defpwd-mindiff

      - oo-defpwd-mindigit

      - oo-defpwd-minlower

      - oo-defpwd-minnonalpha

      - oo-defpwd-minspecial

      - oo-defpwd-minupper

      - oo-defpwd-minweeks

      - oo-defpwd-namecheck

      - oo-defpwd-passlength

      - oo-defpwd-warnweeks

      - oo-defpwd-whitespace

 

    o Updated Files

      - bin/procs/tools.tcl

 

    o Updated Patch Databases

      - bin/patch_Solaris.data

      - bin/patch_Solaris.ref

 

    o Auto Update Files

      - rulesets/unarchivePolicy

      - signatures/rulesets/unarchivePolicy.sgn

      - lib/xpud3_82.zip

      - lib/xpud3_82.sgn

      - etc/update.ini

 

 

 
Assuria Limited, Science & Technology Centre, The University of Reading, Earley Gate, Reading, RG6 6BZ, UK. 

Telephone +44 118 935 7395     Fax +44 118 926 7917     Web www.assuria.com
 


System Scanner and X-Press Update are registered trademarks of Internet Security Systems Inc. of Atlanta, Georgia, USA
© Copyright Assuria Limited.  All rights reserved.



01/08/2008

Legal notice | Site map | Contact Assuria
© Copyright 2006 - Assuria Limited.  All rights reserved