|
Title. |
AutoUpdate
#63
|
|
Contents |
-
Introduction
-
Security Content Updates
-
Improved Error Reporting
-
Content details
|
|
Introduction |
AutoUpdate
63 is a security and feature content update. It contains updated console
content, new and updated checks and policies, and updated patch
databases, policy navigators and console database content.
The
update is compatible with, and suitable for application to, both Assuria
Auditor and ISS System Scanner agents.
|
|
Security
Content Updates
|
Security
content based on newly published vendor security bulletins (or similar)
is included for the agents listed below
-
IBM AIX 4.3/5.1/5.2
(p-Series)
-
HP HP-UX 11 (PA-RISC)
-
HP HP-UX 11 (IA-64)
-
Microsoft Windows 2000
-
Microsoft Windows Server
2003 (x86)
-
Red Hat Enterprise Linux
3 and later (x86 and x64)
-
Sun Solaris 8 (SPARC)
-
Sun Solaris 9 (SPARC)
-
Sun Solaris 10 (SPARC)
|
|
Feature
updates
|
|
|
Improved
Error Reporting |
Additional fields have been added to the database schema, in order to
improve error reporting to customer applications which read the Assuria
Auditor database. Both table Scans and ScanErrors now have
an additional field ErrorHint which contains further information
on the cause of any error. Data will be loaded into the ScanErrors
table in more circumstances than formerly, allowing applications access
to error information previously only available in the console status
line or from errorlog.n files. As a consequence, more error
information will be available in reports for incomplete sessions.
This change is the second stage of a two stage change, with the first
stage delivered in AU#62. More information on the hint values are
provided in Assuria Technical Note 12, which is available for download
on the AssuriaOnline web site. |
|
Assuria
Diagnostic policy and checks
|
For
some time each agent has been issued with checks named _iss_diagnostic_xx
along with a Policy called _ISS_Diagnostic that could be installed and
run at the request of Assuria Support.
Several users have requested that the Diagnostic policy becomes part of
the standard agent inventory.
The
checks and Policy have been renamed AS_Diagnostic-xxxx are are:
New Policy
- AS-Diagnostic
·
Checks
- AS-Diagnostic-basic
- AS-Diagnostic-env
- AS-Diagnostic-globals
- AS-Diagnostic-users
Some user may find the check AS-Diagnostics-basic useful in that it
provides information about the agents host environment. For example:
Vulnerability detail
System Scanner
version = 4.0.0.0 WIN32 600
build = {1.0.0.101} {Nov 8 2006}
XPU/SR
= 61
Operating System
machine = NORMAL
type = WORKSTATION
version = NT 5.0 Workstation
major_version = 5
minor_version = 0
service_pack = 4
build = 2195
host = DUGITE
ports
command = any,SSL,9991
jobsend = DUGITE,SSL,9992
|
|
Console
update |
Database
update
-
Updated information on new and existing checks
o
Updated Policy Navigators
- IBM
AIX
- Red
Hat Enterprise Linux
- Sun
Solaris 8
- Sun
Solaris 9
- Sun
Solaris 10 on Sparc
- Sun
Solaris 10 on X86
-
Windows 2000
-
Windows 2003
o New
Policy Navigators
- HP
HP-UX 11 on PA-RISC
- HP
HP-UX 11 on IA-64
o
Deleted Policy Navigators
- HP
HP-UX 11
o
Updated Files
-
bin/tcl/startup.tbc
-
bin/tcl/jobsh.tbc
-
lib/DbImport/dbresimport.tcl
-
lib/s2dbload/s2dbload.dll
|
|
Agent
updates
|
|
|
IBM AIX
4.3/5.1/5.2
(p-Series) |
o New
Checks
-
AS-Diagnostic-basic
-
AS-Diagnostic-env
-
AS-Diagnostic-globals
-
AS-Diagnostic-users
-
aix-IY95526-fix
-
aix-IY95637-fix
-
aix-IY98417-fix
-
aix-IY98546-fix
o New
Policy
-
AS-Diagnostic
o
Updated Policies
- aix-fixes
-
Initial-1
-
Initial-All
-
Maintenance-1
-
Maintenance-All
o
X-Press Update Files
-
rulesets/unarchivePolicy
-
signatures/rulesets/unarchivePolicy.sgn
-
lib/xpud3_63.zip
-
lib/xpud3_63.sgn
-
etc/update.ini
|
|
HP HP-UX 11
(PA-RISC) |
o New
Checks
-
AS-Diagnostic-basic
-
AS-Diagnostic-env
-
AS-Diagnostic-globals
-
AS-Diagnostic-users
o New
Policy
-
AS-Diagnostic
o
Updated Patch Database
-
bin/patch_HP-UX.data
-
bin/patch_HP-UX.ref
o
X-Press Update Files
-
rulesets/unarchivePolicy
-
signatures/rulesets/unarchivePolicy.sgn
-
lib/xpud3_63.zip
-
lib/xpud3_63.sgn
-
etc/update.ini
|
|
HP HP-UX 11
(IA-64) |
o New
Checks
-
AS-Diagnostic-basic
-
AS-Diagnostic-env
-
AS-Diagnostic-globals
-
AS-Diagnostic-users
o New
Policy
-
AS-Diagnostic
o
Updated Patch Database
-
bin/patch_HP-UX.data
-
bin/patch_HP-UX.ref
o
X-Press Update Files
-
rulesets/unarchivePolicy
-
signatures/rulesets/unarchivePolicy.sgn
-
lib/xpud3_63.zip
-
lib/xpud3_63.sgn
-
etc/update.ini
|
|
Red Hat
Enterprise Linux 3 (x86), 4 (x86) & 4 (x64) |
o New
Checks
-
AS-Diagnostic-basic
-
AS-Diagnostic-env
-
AS-Diagnostic-globals
-
AS-Diagnostic-users
-
RHSA-2007-0065
-
RHSA-2007-0327
-
RHSA-2007-0336
-
RHSA-2007-0338
-
RHSA-2007-0342
-
RHSA-2007-0343
-
RHSA-2007-0344
-
RHSA-2007-0345
-
RHSA-2007-0346
-
RHSA-2007-0347
-
RHSA-2007-0348
-
RHSA-2007-0349
-
RHSA-2007-0353
-
RHSA-2007-0354
-
RHSA-2007-0355
-
RHSA-2007-0356
-
RHSA-2007-0358
-
RHSA-2007-0360
-
RHSA-2007-0379
-
RHSA-2007-0385
-
RHSA-2007-0386
-
RHSA-2007-0389
-
RHSA-2007-0391
-
RHSA-2007-0400
-
RHSA-2007-0401
-
RHSA-2007-0402
o
Updated Checks
-
apache-servertokenvalue
-
RHSA-2003-315
-
RHSA-2005-039
-
RHSA-2005-040
-
RHSA-2005-334
-
RHSA-2005-378
-
RHSA-2005-381
-
RHSA-2005-430
-
RHSA-2005-584
-
tdfc-inet-24
-
tdfc-inet-25
o New
Policy
-
AS-Diagnostic
o
Updated Policies
-
sys-cfgs
-
Initial-1
-
Initial-3
-
Initial-All
-
Maintenance-1
-
Maintenance-All
-
rhsa
o
X-Press Update Files
-
rulesets/unarchivePolicy
-
signatures/rulesets/unarchivePolicy.sgn
-
lib/xpud3_63.zip
-
lib/xpud3_63.sgn
-
etc/update.ini
|
|
Microsoft
Windows 2000 |
o X-Press
Update Files
-
rulesets/unarchivePolicy
-
signatures/rulesets/unarchivePolicy.sgn
-
lib/xpud3_63.zip
-
lib/xpud3_63.sgn
-
etc/update.ini
o
Updated Policies
-
versionChecks
-
Initial-1
-
Initial-All
-
Maintenance-1
-
Maintenance-All
o New
Checks
-
AS-Diagnostic-basic
-
AS-Diagnostic-env
-
AS-Diagnostic-globals
-
AS-Diagnostic-users
-
win-ms07kb933566-update
-
win-ms07kb935839-update
-
win-ms07kb935840-update
o New
Policy
-
AS-Diagnostic
|
|
Microsoft
Windows Server 2003 (x86)
|
o
X-Press Update Files
-
rulesets/unarchivePolicy
-
signatures/rulesets/unarchivePolicy.sgn
-
lib/xpud3_63.zip
-
lib/xpud3_63.sgn
-
etc/update.ini
o
Updated Policies
-
versionChecks
-
Initial-1
-
Initial-All
-
Maintenance-1
-
Maintenance-All
o New
Checks
-
AS-Diagnostic-basic
-
AS-Diagnostic-env
-
AS-Diagnostic-globals
-
AS-Diagnostic-users
-
win-ms07kb929123-update
-
win-ms07kb933566-update
-
win-ms07kb935839-update
-
win-ms07kb935840-update
o New
Policy
-
AS-Diagnostic
|
|
Sun Solaris
8 (SPARC) |
o New
Checks
-
AS-Diagnostic-basic
-
AS-Diagnostic-env
-
AS-Diagnostic-globals
-
AS-Diagnostic-users
o New
Policy
-
AS-Diagnostic
o
Updated Patch Database
-
bin/patch_Solaris.data
-
bin/patch_Solaris.ref
o
X-Press Update Files
-
rulesets/unarchivePolicy
-
signatures/rulesets/unarchivePolicy.sgn
-
lib/xpud3_63.zip
-
lib/xpud3_63.sgn
-
etc/update.ini
|
|
Sun Solaris
9 (SPARC) |
o New
Checks
-
AS-Diagnostic-basic
-
AS-Diagnostic-env
-
AS-Diagnostic-globals
-
AS-Diagnostic-users
o New
Policy
-
AS-Diagnostic
o
Updated Patch Database
-
bin/patch_Solaris.data
-
bin/patch_Solaris.ref
o
X-Press Update Files
-
rulesets/unarchivePolicy
-
signatures/rulesets/unarchivePolicy.sgn
-
lib/xpud3_63.zip
-
lib/xpud3_63.sgn
-
etc/update.ini
|
|
Sun Solaris
10 (SPARC) |
o New
Checks
-
AS-Diagnostic-basic
-
AS-Diagnostic-env
-
AS-Diagnostic-globals
-
AS-Diagnostic-users
o New
Policy
-
AS-Diagnostic
o
Updated Patch Database
-
bin/patch_Solaris.data
-
bin/patch_Solaris.ref
o
X-Press Update Files
-
rulesets/unarchivePolicy
-
signatures/rulesets/unarchivePolicy.sgn
-
lib/xpud3_63.zip
-
lib/xpud3_63.sgn
-
etc/update.ini
|
