assuria bulletin 54

assuriaONLINE Customer and Partner resources Logon / register

Subscribe via RSS

RSS 2.0

assuria bulletin

Title: Assuria Auditor AutoUpdate #69 release

Number: 54 Date: 31st October 2007

Title.	Assuria Auditor AutoUpdate 69 release
Introduction	This update contains security content and updated product features. It contains updated console content, new and updated checks and policies, and updated patch databases, policy navigators and console database content. The update is compatible with, and suitable for application to all Assuria Auditor agents.
Security Content Updates	Security content based on newly published vendor security bulletins (or similar) is included for the agents listed below IBM AIX 4.3, 5.0, 5.1, 5.2 HP HP-UX 11 (PA-RISC) HP HP-UX 11 (IA-64) Microsoft Windows 2000 (Server and Professional) Microsoft Windows Server 2003 Novell SUSE Enterprise Linux 9 (x86) Novell SUSE Enterprise Linux 10 (x86) Red Hat Enterprise Linux 3 and later (x86 and x64) Sun Solaris 8 (SPARC) Sun Solaris 9 (SPARC) Sun Solaris 10 (SPARC)
New features
Compliance Reporting - HIPAA	The Console database update includes the mapping of Assuria Auditor checks to ("HIPAA") the Health Insurance Portability and Accountability Act (HIPAA) was enacted by the U.S. Congress in 1996. The recently enhanced Assuria Auditor reporting fully supports the new HIPAA mapping. Assuria Auditor now includes the mapping of checks to ISO 27001, ISO 27002 (formerly ISO 17799), PCI, SOX, FISMA, BID and CVE. The updated Policy Navigators allow the easy cross-reference of all the standards and checks.
Platform Support	This Update contains platform support for the following new or future agents: SUSE Linux Enterprise Server 10 (X86) Microsoft Windows 2008 (beta)
Logging versions of frozen-files checks	Following a customer request Assuria has developed new frozen file checks and a new policy. ‘frozenfilelog’. When run, these checks function as for their non-logging equivalents, but also log messages including the status change and file name to the event log or syslog. These new Policy and checks are currently available for the following platforms: Microsoft Windows 2000 (Server and Professional) Microsoft Windows Server 2003 Assuria Auditor AutoUpdate #70 will make available these Policies and checks for the other supported platforms.
Inventory checks	Following a customer request Assuria has developed new Inventory Policy and Checks have been added to most platform. The checks include Hardware information; Devices, CPU, Discs, Network adapters and system model. In addition currently open ports and listening services, and installed software packages are reported. Information for these checks is obtained by Assuria Auditor using available system calls and the detail available varies between operating systems and hardware suppliers. Assuria would like user feedback on these checks and request for additions or changes to these checks.
Bug fixes	This Update contains a bug fix to the console, to fix a bug that allowed creation of hosts and classes with invalid characters in their names and/or description, if the name/description was entered into the GUI console using cut and paste. This Update contains a bug fix to the console, to fix a bug that allowed creation of hosts and classes with invalid characters in their names and/or description using the command line console. This Update contains a new system scanner daemon for HP HP-UX on PA-RISC, to fix a bug that has been observed at customer site when running on SuperDome and possibly other systems. This Update contains a bug fix to the console, to fix a bug that caused the vulnerability editor to fail if presented with a tdfc vulnerability found on line 0 of a text file.
Textual Manifest	The full manifest of new and changed files for this update can be viewed below.
Console update	o Database update - CheckPlatform information for SUSE Linux Enterprise Server 10 on X86 - Platform and HostCategory information for Windows 2008 o Updated Policy Navigator - All currently supported platforms o Console Files - bin/tcl/class.tbc - bin/tcl/exceptions.tbc - bin/tcl/file.tbc - bin/tcl/host.tbc - bin/tcl/rep_utils.tbc - bin/tcl/shell.tbc - bin/tcl/treeutils.tbc - bin/tcl/utils.tbc - bin/tcl/IndexedResults.tbc - etc/xpu_config
Agent updates	Updates are included for the following agents: o IBM AIX 4.3, 5.0, 5.1, 5.2 o HP HP-UX 11 (PA-RISC) o HP HP-UX 11 (IA-64) o Microsoft Windows 2000 (Server and Professional) o Microsoft Windows Server 2003 o Novell SUSE Enterprise Linux 9 (x86) o Novell SUSE Enterprise Linux 10 (x86) o Red Hat Enterprise Linux 3 and later (x86 and x64) o Sun Solaris 8 (SPARC) o Sun Solaris 9 (SPARC) o Sun Solaris 10 (SPARC)
IBM AIX 4.3/5.1/5.2 (p-Series)	o New Policies - Inventory o New Checks - oo-inventory-1-0-devices - oo-inventory-2-0-cpu - oo-inventory-3-0-disks - oo-inventory-4-0-model - oo-inventory-5-0-network-adapter - oo-inventory-active-ports - oo-inventory-package o Updated executable files - proc_packages.tcl o X-Press Update Files - rulesets/unarchivePolicy - signatures/rulesets/unarchivePolicy.sgn - lib/xpud3_69.zip - lib/xpud3_69.sgn - etc/update.ini
HP HP-UX 11 (PA-RISC)	o New Policies - Inventory o New Checks - oo-inventory-1-0-devices - oo-inventory-2-0-cpu - oo-inventory-3-0-disks - oo-inventory-4-0-model - oo-inventory-5-0-network-adapter - oo-inventory-active-ports - oo-inventory-package o Updated Patch Database - bin/patch_HP-UX.data - bin/patch_HP-UX.ref o Updated executable files - proc_packages.tcl - sysscand o X-Press Update Files - rulesets/unarchivePolicy - signatures/rulesets/unarchivePolicy.sgn - lib/xpud3_69.zip - lib/xpud3_69.sgn - lib/xpud3_69_script.sh - lib/xpud3_69_script2.sh - etc/update.ini
HP HP-UX 11 (IA-64)	o Updated Patch Database - bin/patch_HP-UX.data - bin/patch_HP-UX.ref o X-Press Update Files - rulesets/unarchivePolicy - signatures/rulesets/unarchivePolicy.sgn - lib/xpud3_69.zip - lib/xpud3_69.sgn - etc/update.ini
Microsoft Windows 2000	o X-Press Update Files - rulesets/unarchivePolicy - signatures/rulesets/unarchivePolicy.sgn - lib/xpud3_69.zip - lib/xpud3_69.sgn - etc/update.ini o New Policies - frozenfileslog - Inventory o Updated Policies - versionChecks - Initial-1 - Initial-All - Maintenance-1 - Maintenance-All o New Checks - frozen-file-01-log - frozen-file-02-log - frozen-file-03-log - frozen-file-04-log - frozen-file-06-log - frozen-file-07-log - frozen-file-08-log - frozen-file-09-log - frozen-file-13-log - frozen-file-attributes-log - frozen-file-sacl-log - oo-inventory-1-0-devices - oo-inventory-2-0-cpu - oo-inventory-3-0-disks - oo-inventory-4-0-model - oo-inventory-5-0-network-adapter - oo-inventory-active-ports - oo-inventory-package - win-ms07kb923810-update - win-ms07kb933729-update - win-ms07kb939653-update - win-ms07kb941202-update - win-ms07kb942695-update o Updated executable files - proc_packages.tcl - tools.tcl
Microsoft Windows Server 2003 (x86)	o X-Press Update Files - rulesets/unarchivePolicy - signatures/rulesets/unarchivePolicy.sgn - lib/xpud3_69.zip - lib/xpud3_69.sgn - etc/update.ini o New Policies - frozenfileslog - Inventory o Updated Policies - versionChecks - Initial-1 - Initial-All - Maintenance-1 - Maintenance-All o New Checks - frozen-file-01-log - frozen-file-02-log - frozen-file-03-log - frozen-file-04-log - frozen-file-06-log - frozen-file-07-log - frozen-file-08-log - frozen-file-09-log - frozen-file-13-log - frozen-file-attributes-log - frozen-file-sacl-log - oo-inventory-1-0-devices - oo-inventory-2-0-cpu - oo-inventory-3-0-disks - oo-inventory-4-0-model - oo-inventory-5-0-network-adapter - oo-inventory-active-ports - oo-inventory-package - win-ms07kb923810-update - win-ms07kb933729-update - win-ms07kb939653-update - win-ms07kb941202-update - win-ms07kb942695-update o Updated executable files - proc_packages.tcl - tools.tcl
Novell SUSE Enterprise Linux 9 (x86)	o New Checks - SuSE-SA-2006-044 - SuSE-SA-2006-055 - SuSE-SA-2007-017 - SuSE-SA-2007-047 - SuSE-SA-2007-048 - SuSE-SA-2007-049 - SuSE-SA-2007-051 o New Policy - ssa o Updated Policies - Initial-1 - Initial-All - Maintenance-1 - Maintenance-All o Updated executable files - tools.tcl o X-Press Update Files - rulesets/unarchivePolicy - signatures/rulesets/unarchivePolicy.sgn - lib/xpud3_69.zip - lib/xpud3_69.sgn - etc/update.ini
Novell SUSE Enterprise Linux 10 (x86)	o New Checks - SuSE-SA-2006-044 - SuSE-SA-2006-055 - SuSE-SA-2007-017 - SuSE-SA-2007-047 - SuSE-SA-2007-048 - SuSE-SA-2007-049 - SuSE-SA-2007-051 o New Policy - ssa o Updated Policies - Initial-1 - Initial-All - Maintenance-1 - Maintenance-All o Updated executable files - tools.tcl o X-Press Update Files - rulesets/unarchivePolicy - signatures/rulesets/unarchivePolicy.sgn - lib/xpud3_69.zip - lib/xpud3_69.sgn - etc/update.ini
Red Hat Enterprise Linux 3 and later (x86 and x64)	o New Checks - oo-inventory-1-0-devices - oo-inventory-2-0-cpu - oo-inventory-3-0-disks - oo-inventory-4-0-model - oo-inventory-5-0-network-adapter - oo-inventory-active-ports - oo-inventory-package - RHSA-2007-0323 - RHSA-2007-0513 - RHSA-2007-0705 - RHSA-2007-0845 - RHSA-2007-0848 - RHSA-2007-0871 - RHSA-2007-0883 - RHSA-2007-0889 - RHSA-2007-0890 - RHSA-2007-0894 - RHSA-2007-0898 - RHSA-2007-0913 - RHSA-2007-0933 - RHSA-2007-0936 - RHSA-2007-0937 - RHSA-2007-0938 - RHSA-2007-0951 o New Policies - Inventory o Updated Policies - Initial-1 - Initial-All - Maintenance-1 - Maintenance-All - rhsa o Updated executable files - proc_packages.tcl o X-Press Update Files - rulesets/unarchivePolicy - signatures/rulesets/unarchivePolicy.sgn - lib/xpud3_69.zip - lib/xpud3_69.sgn - etc/update.ini
Sun Solaris 8 (SPARC)	o New Policies - Inventory o New Checks - oo-inventory-1-0-devices - oo-inventory-2-0-cpu - oo-inventory-3-0-disks - oo-inventory-4-0-model - oo-inventory-5-0-network-adapter - oo-inventory-active-ports - oo-inventory-package o Updated Patch Database - bin/patch_Solaris.data - bin/patch_Solaris.ref o Updated executable files - proc_packages.tcl o X-Press Update Files - rulesets/unarchivePolicy - signatures/rulesets/unarchivePolicy.sgn - lib/xpud3_69.zip - lib/xpud3_69.sgn - etc/update.ini
Sun Solaris 9 (SPARC)	o New Policies - Inventory o New Checks - oo-inventory-1-0-devices - oo-inventory-2-0-cpu - oo-inventory-3-0-disks - oo-inventory-4-0-model - oo-inventory-5-0-network-adapter - oo-inventory-active-ports - oo-inventory-package o Updated Patch Database - bin/patch_Solaris.data - bin/patch_Solaris.ref o Updated executable files - proc_packages.tcl o X-Press Update Files - rulesets/unarchivePolicy - signatures/rulesets/unarchivePolicy.sgn - lib/xpud3_69.zip - lib/xpud3_69.sgn - etc/update.ini
Sun Solaris 10 (SPARC)	o New Policies - Inventory o New Checks - oo-inventory-1-0-devices - oo-inventory-2-0-cpu - oo-inventory-3-0-disks - oo-inventory-4-0-model - oo-inventory-5-0-network-adapter - oo-inventory-active-ports - oo-inventory-package o Updated Patch Database - bin/patch_Solaris.data - bin/patch_Solaris.ref o Updated executable files - proc_packages.tcl o X-Press Update Files - rulesets/unarchivePolicy - signatures/rulesets/unarchivePolicy.sgn - lib/xpud3_69.zip - lib/xpud3_69.sgn - etc/update.ini

Assuria Limited, Science & Technology Centre, The University of Reading, Earley Gate, Reading, RG6 6BZ, UK.

Telephone +44 118 935 7395 Fax +44 118 926 7917 Web www.assuria.com

27/01/2008