assuria bulletin 57

assuriaONLINE Customer and Partner resources Logon / register

Subscribe via RSS

RSS 2.0

assuria bulletin

Title: Assuria Auditor AutoUpdate 70 released

Number: 57 Date: 30 November 2007

Title.	Assuria Auditor AutoUpdate 70 release
Introduction	This update contains security content and updated product features. It contains updated console content, new and updated checks and policies, and updated patch databases, policy navigators and console database content. The update is compatible with, and suitable for application to all Assuria Auditor agents.
Security Content Updates	Security content based on newly published vendor security bulletins (or similar) is included for the agents listed below: IBM AIX 4.3, 5.0, 5.1, 5.2 HP HP-UX 11 (PA-RISC) HP HP-UX 11 (IA-64) Microsoft Windows 2000 (Server and Professional) Microsoft Windows Server 2003 Novell SUSE Enterprise Linux 9 (x86) Novell SUSE Enterprise Linux 10 (x86) Red Hat Enterprise Linux 3 and later (x86 and x64) Sun Solaris 8 (SPARC) Sun Solaris 9 (SPARC) Sun Solaris 10 (SPARC)
New features
Enabling new risk levels	This update introduces a new risk level storage mechanism in the database, which will allow new risk levels of 'Information' and 'Critical', in addition to the existing levels of 'Low', 'Medium' and 'High'. The new risk levels will be stored in different database structures, and the existing structures will be maintained so as not to prejudice compatibility with existing customer and third-party applications that directly access the database. Such applications will continue to see the three risk level model, with new level 'Information' mapped to 'Low' and 'Critical' mapped to 'High'. This change is part of a phased approach to the introduction of the new levels, and no checks will be shipped at this AU using the new levels.
Logging versions of frozen-files checks	This update contains new frozen file checks and a new frozenfilelog policy. When run, these checks function as for their non-logging equivalents, but also log a message including the file name to the event log or syslog. These are already available for the following platforms: Microsoft Windows 2000 (Server and Professional) Microsoft Windows Server 2003 and this update adds support for: HP HP-UX 11 (PA-RISC) Sun Solaris 8 (SPARC) Sun Solaris 9 (SPARC) Sun Solaris 10 (SPARC)
Textual Manifest	The full manifest of new and changed files for this update can be viewed below.
Console update	o Database update - New risk level structure o Policy Navigators for - IBM AIX 4.3, 5.0, 5.1, 5.2 - HP HP-UX 10.20 (PA-RISC) - HP HP-UX 11 (PA-RISC) - HP HP-UX 11 (IA-64) - Microsoft Windows 2000 (Server and Professional) - Microsoft Windows Server 2003 - Novell SUSE Enterprise Linux 9 (x86) - Novell SUSE Enterprise Linux 10 (x86) - Novell SUSE Enterprise Linux 10 (IBM z-series) - Red Hat Enterprise Linux 3 and later (x86 and x64) - Sun Solaris 7 (SPARC) - Sun Solaris 8 (SPARC) - Sun Solaris 9 (SPARC) - Sun Solaris 10 (SPARC) o Console Files - bin/S2dbupdate.exe - bin/tcl/db.tbc - bin/tcl/host.tbc - bin/tcl/IndexedResults.tbc - bin/tcl/rule.tbc - bin/tcl/report.tbc - bin/tcl/RuleEditor.tbc - bin/tcl/startup.tbc - bin/tcl/treeutils.tbc - lib/DbImport/dbresimport.tcl - lib/s2dbload/s2dbload.dll
Agent updates
IBM AIX 4.3/5.1/5.2 (p-Series)	o New Checks - aix-IZ01121-fix - aix-IZ01135-fix - aix-IZ01812-fix - aix-IZ03054-fix - aix-IZ03055-fix - aix-IZ03060-fix - aix-IZ03061-fix - aix-IZ04832-fix - aix-IZ05017-fix - aix-IZ05066-fix - aix-IZ05349-fix - aix-IZ05487-fix - aix-IZ05609-fix - aix-IZ05877-fix - aix-IZ06001-fix o Updated Checks - user-40 o Updated Policies - aix-fixes - Initial-1 - Initial-All - Maintenance-1 - Maintenance-All o X-Press Update Files - rulesets/unarchivePolicy - signatures/rulesets/unarchivePolicy.sgn - lib/xpud3_70.zip - lib/xpud3_70.sgn - etc/update.ini
HP HP-UX 11 (PA-RISC)	o Updated Patch Database - bin/patch_HP-UX.data - bin/patch_HP-UX.ref o New Checks - frozen-file-01-log - frozen-file-02-log - frozen-file-03-log - frozen-file-04-log - frozen-file-05-log - frozen-file-06-log - frozen-file-07-log - frozen-file-08-log - frozen-file-09-log - frozen-file-11-log o Updated Checks - user-40 o New Policy - frozenfilelog o X-Press Update Files - rulesets/unarchivePolicy - signatures/rulesets/unarchivePolicy.sgn - lib/xpud3_70.zip - lib/xpud3_70.sgn - lib/xpud3_70_script.sh - lib/xpud3_70_script2.sh - etc/update.ini
HP HP-UX 11 (IA-64)	o Updated Patch Database - bin/patch_HP-UX.data - bin/patch_HP-UX.ref o Updated Checks - user-40 o X-Press Update Files - rulesets/unarchivePolicy - signatures/rulesets/unarchivePolicy.sgn - lib/xpud3_70.zip - lib/xpud3_70.sgn - etc/update.ini
Microsoft Windows 2000	o New Checks - win-ms07kb941672-update o Updated Checks - reg-anon-01 - reg-dcom-03 o Updated Policies - versionChecks - Initial-1 - Initial-All - Maintenance-1 - Maintenance-All o X-Press Update Files - rulesets/unarchivePolicy - signatures/rulesets/unarchivePolicy.sgn - lib/xpud3_70.zip - lib/xpud3_70.sgn - etc/update.ini
Microsoft Windows Server 2003 (x86)	o New Checks - win-ms07kb941672-update - win-ms07kb943460-update o Updated Checks - oo-audit-02 - reg-anon-01 - reg-dcom-03 - reg-nt-vers-01 - user-101 o Updated Policies - versionChecks - Initial-1 - Initial-All - Maintenance-1 - Maintenance-All o X-Press Update Files - rulesets/unarchivePolicy - signatures/rulesets/unarchivePolicy.sgn - lib/xpud3_70.zip - lib/xpud3_70.sgn - etc/update.ini
Novell SUSE Enterprise Linux 9 (x86)	o New Checks - SuSE-SA-2007-031 - SuSE-SA-2007-032 - SuSE-SA-2007-033 - SuSE-SA-2007-035 - SuSE-SA-2007-036 - SuSE-SA-2007-038 - SuSE-SA-2007-039 - SuSE-SA-2007-040 - SuSE-SA-2007-041 - SuSE-SA-2007-042 - SuSE-SA-2007-044 - SuSE-SA-2007-045 - SuSE-SA-2007-053 - SuSE-SA-2007-054 - SuSE-SA-2007-055 - SuSE-SA-2007-056 - SuSE-SA-2007-057 o Updated Checks - user-40 o Updated Policies - Initial-1 - Initial-All - Maintenance-1 - Maintenance-All - ssa o Updated Executable Files - bin/procs/tools.tcl o X-Press Update Files - rulesets/unarchivePolicy - signatures/rulesets/unarchivePolicy.sgn - lib/xpud3_70.zip - lib/xpud3_70.sgn - etc/update.ini
Novell SUSE Enterprise Linux 10 (x86)	o New Checks - SuSE-SA-2007-031 - SuSE-SA-2007-032 - SuSE-SA-2007-033 - SuSE-SA-2007-035 - SuSE-SA-2007-036 - SuSE-SA-2007-038 - SuSE-SA-2007-039 - SuSE-SA-2007-040 - SuSE-SA-2007-041 - SuSE-SA-2007-042 - SuSE-SA-2007-044 - SuSE-SA-2007-045 - SuSE-SA-2007-053 - SuSE-SA-2007-054 - SuSE-SA-2007-055 - SuSE-SA-2007-056 - SuSE-SA-2007-057 o Updated Checks - user-01 - user-40 o Updated Policies - Initial-1 - Initial-All - Maintenance-1 - Maintenance-All - ssa o Updated Executable Files - bin/procs/tools.tcl o X-Press Update Files - rulesets/unarchivePolicy - signatures/rulesets/unarchivePolicy.sgn - lib/xpud3_70.zip - lib/xpud3_70.sgn - etc/update.ini
Red Hat Enterprise Linux 3 and later (x86 and x64)	o New Checks - RHSA-2007-0368 - RHSA-2007-0540 - RHSA-2007-0542 - RHSA-2007-0555 - RHSA-2007-0631 - RHSA-2007-0640 - RHSA-2007-0710 - RHSA-2007-0746 - RHSA-2007-0813 - RHSA-2007-0876 - RHSA-2007-0891 - RHSA-2007-0905 - RHSA-2007-0909 - RHSA-2007-0911 - RHSA-2007-0917 - RHSA-2007-0932 - RHSA-2007-0939 - RHSA-2007-0940 - RHSA-2007-0950 - RHSA-2007-0956 - RHSA-2007-0957 - RHSA-2007-0960 - RHSA-2007-0963 - RHSA-2007-0964 - RHSA-2007-0966 - RHSA-2007-0967 - RHSA-2007-0968 - RHSA-2007-0975 - RHSA-2007-0979 - RHSA-2007-0980 - RHSA-2007-0981 - RHSA-2007-0992 - RHSA-2007-1011 - RHSA-2007-1020 - RHSA-2007-1021 - RHSA-2007-1022 - RHSA-2007-1023 - RHSA-2007-1025 - RHSA-2007-1026 - RHSA-2007-1027 - RHSA-2007-1028 - RHSA-2007-1029 - RHSA-2007-1030 - RHSA-2007-1037 o Updated Checks - RHSA-2007-0539 - user-40 o Updated Policies - Initial-1 - Initial-All - Maintenance-1 - Maintenance-All - rhsa o Updated Executable Files - bin/procs/tools.tcl o X-Press Update Files - rulesets/unarchivePolicy - signatures/rulesets/unarchivePolicy.sgn - lib/xpud3_70.zip - lib/xpud3_70.sgn - etc/update.ini
Sun Solaris 8 (SPARC)	o Updated Patch Database - bin/patch_Solaris.data - bin/patch_Solaris.ref o New Checks - frozen-file-01-log - frozen-file-02-log - frozen-file-03-log - frozen-file-04-log - frozen-file-05-log - frozen-file-06-log - frozen-file-07-log - frozen-file-08-log - frozen-file-09-log - frozen-file-11-log o Updated Checks - user-40 o New Policy - frozenfilelog o X-Press Update Files - rulesets/unarchivePolicy - signatures/rulesets/unarchivePolicy.sgn - lib/xpud3_70.zip - lib/xpud3_70.sgn - etc/update.ini
Sun Solaris 9 (SPARC)	o Updated Patch Database - bin/patch_Solaris.data - bin/patch_Solaris.ref o New Checks - frozen-file-01-log - frozen-file-02-log - frozen-file-03-log - frozen-file-04-log - frozen-file-05-log - frozen-file-06-log - frozen-file-07-log - frozen-file-08-log - frozen-file-09-log - frozen-file-11-log o Updated Checks - user-40 o New Policy - frozenfilelog o X-Press Update Files - rulesets/unarchivePolicy - signatures/rulesets/unarchivePolicy.sgn - lib/xpud3_70.zip - lib/xpud3_70.sgn - etc/update.ini
Sun Solaris 10 (SPARC)	o Updated Patch Database - bin/patch_Solaris.data - bin/patch_Solaris.ref o New Checks - frozen-file-01-log - frozen-file-02-log - frozen-file-03-log - frozen-file-04-log - frozen-file-05-log - frozen-file-06-log - frozen-file-07-log - frozen-file-08-log - frozen-file-09-log - frozen-file-11-log o Updated Checks - user-40 o New Policy - frozenfilelog o X-Press Update Files - rulesets/unarchivePolicy - signatures/rulesets/unarchivePolicy.sgn - lib/xpud3_70.zip - lib/xpud3_70.sgn - etc/update.ini

Assuria Limited, Science & Technology Centre, The University of Reading, Earley Gate, Reading, RG6 6BZ, UK.

Telephone +44 118 935 7395 Fax +44 118 926 7917 Web www.assuria.com

27/01/2008