Title.

Assuria Auditor AutoUpdate 73 released

Introduction

This update contains security content and updated product features. It contains updated console content, new and updated checks and policies, and updated patch databases, policy navigators and console database content. The update is compatible with, and suitable for application to all Assuria Auditor agents.

Security Content Updates

Security content based on newly published vendor security bulletins (or similar) is included for the agents listed below:

• IBM AIX 4.3, 5.0, 5.1, 5.2

• HP HP-UX 11 (PA-RISC)

• HP HP-UX 11 (IA-64)

• Microsoft Windows 2000 (Server and Professional)

• Microsoft Windows Server 2003

• Novell SUSE Enterprise Linux 9 (x86)

• Novell SUSE Enterprise Linux 10 (x86)

• Red Hat Enterprise Linux 3 and later (x86 and x64)

• Sun Solaris 8 (SPARC)

• Sun Solaris 9 (SPARC)

• Sun Solaris 10 (SPARC)

Manifest

The full manifest of new and changed files for this update can be viewed below.

Enabling new risk levels

A new risk level storage mechanism in the database was introduced at AU#70. This allows new risk levels of 'Information' and 'Critical', in addition to the existing levels of 'Low', 'Medium' and 'High'. This change was part of a phased approach to the introduction of the new levels, and no checks were shipped at AU#70 using the new levels.

This AU is the first to make use of the new mechanism. All non-obsolete checks that carry a CVSS score of 10.0 have been amended to have a risk level of 'Critical'. All checks with a remedy text indicating that the check is for information only have been amended to have a risk level of 'Information'.

Manifest

The full manifest of new and changed files for this update can be viewed below.

Console update

Updated Executable Files

      - bin/tcl/startup.tbc

    o Database update

      - For new checks as above

    o Policy Navigators for

      - IBM AIX 4.3, 5.0, 5.1, 5.2

      - HP HP-UX 11 (PA-RISC)

      - HP HP-UX 11 (IA-64)

      - Microsoft Windows 2000 (Server and Professional)

      - Microsoft Windows Server 2003

      - Novell SUSE Enterprise Linux 9 (x86)

      - Novell SUSE Enterprise Linux 10 (x86)

      - Red Hat Enterprise Linux 3 and later (x86 and x64)

      - Sun Solaris 8

      - Sun Solaris 9

      - Sun Solaris 10 (SPARC)

Agent updates

Updates are included for the following agents:

    o HP HP-UX 11 (PA-RISC)

    o HP HP-UX 11 (IA-64)

    o Microsoft Windows 2000 (Server and Professional)

    o Microsoft Windows Server 2003

    o Novell SUSE Enterprise Linux 9 (x86)

    o Novell SUSE Enterprise Linux 10 (x86)

    o Red Hat Enterprise Linux 3 and later (x86 and x64)

    o Sun Solaris 8 (SPARC)

    o Sun Solaris 9 (SPARC)

    o Sun Solaris 10 (SPARC)

HP HP-UX 11 (PA-RISC)

    o Updated Patch Database

      - bin/patch_HP-UX.data

      - bin/patch_HP-UX.ref

    o X-Press Update Files

      - rulesets/unarchivePolicy

      - signatures/rulesets/unarchivePolicy.sgn

      - lib/xpud3_73.zip

      - lib/xpud3_73.sgn

      - etc/update.ini

HP HP-UX 11 (IA-64)

    o Updated Patch Database

      - bin/patch_HP-UX.data

      - bin/patch_HP-UX.ref

    o X-Press Update Files

      - rulesets/unarchivePolicy

      - signatures/rulesets/unarchivePolicy.sgn

      - lib/xpud3_73.zip

      - lib/xpud3_73.sgn

      - etc/update.ini

Microsoft Windows 2000

    o New Checks

      - win-ms08kb941644-update

      - win-ms08kb943485-update

    o Updated Policies

      - Initial-1

      - Initial-All

      - Maintenance-1

      - Maintenance-All

      - versionChecks

    o X-Press Update Files

      - rulesets/unarchivePolicy

      - signatures/rulesets/unarchivePolicy.sgn

      - lib/xpud3_73.zip

      - lib/xpud3_73.sgn

      - etc/update.ini

Microsoft Windows Server 2003 (x86)

    o New Checks

      - win-ms08kb941644-update

      - win-ms08kb943485-update

    o Updated Checks

      - IEActiveScripting

      - IEChannelPermissions

      - IEDesktopInstall

      - IEExecution

      - IEFileDownload

      - IEFileLaunch

      - IEFormSubmission

      - IEJavaPermissions

      - IEJavaScripting

      - IESafeScripting

      - IESignedDownload

      - IEUnsafeScripting

      - IEUnsignedDownload

      - reg-smb-01

    o Updated Policies

      - Initial-1

      - Initial-All

      - Maintenance-1

      - Maintenance-All

      - versionChecks

    o Updated Executable Files

      - bin/procs/tools.tcl

    o X-Press Update Files

      - rulesets/unarchivePolicy

      - signatures/rulesets/unarchivePolicy.sgn

      - lib/xpud3_73.zip

      - lib/xpud3_73.sgn

      - etc/update.ini

Novell SUSE Enterprise Linux 9 (x86)

    o New Checks

      - oo-cronat-trusted-users

      - SuSE-SA-2006-067

      - SuSE-SA-2006-068

      - SuSE-SA-2006-072

      - SuSE-SA-2006-073

      - SuSE-SA-2006-075

      - SuSE-SA-2006-076

      - SuSE-SA-2006-078

      - SuSE-SA-2006-079

      - SuSE-SA-2006-080

      - SuSE-SA-2007-002

      - SuSE-SA-2007-003

      - SuSE-SA-2007-004

      - SuSE-SA-2007-005

      - SuSE-SA-2007-006

      - SuSE-SA-2007-068

    o Updated Checks

      - file-cronat-04

    o Updated Policies

      - cronat

      - Initial-1

      - Initial-5

      - Initial-All

      - Maintenance-1

      - Maintenance-3

      - Maintenance-All

      - ssa

    o X-Press Update Files

      - rulesets/unarchivePolicy

      - signatures/rulesets/unarchivePolicy.sgn

      - lib/xpud3_73.zip

      - lib/xpud3_73.sgn

      - etc/update.ini

Novell SUSE Enterprise Linux 10 (x86)

    o New Checks

      - oo-cronat-trusted-users

      - SuSE-SA-2006-067

      - SuSE-SA-2006-068

      - SuSE-SA-2006-072

      - SuSE-SA-2006-073

      - SuSE-SA-2006-075

      - SuSE-SA-2006-076

      - SuSE-SA-2006-078

      - SuSE-SA-2006-079

      - SuSE-SA-2006-080

      - SuSE-SA-2007-002

      - SuSE-SA-2007-003

      - SuSE-SA-2007-004

      - SuSE-SA-2007-005

      - SuSE-SA-2007-006

      - SuSE-SA-2007-068

    o Updated Checks

      - file-cronat-04

    o Updated Policies

      - cronat

      - Initial-1

      - Initial-5

      - Initial-All

      - Maintenance-1

      - Maintenance-3

      - Maintenance-All

      - ssa

    o X-Press Update Files

      - rulesets/unarchivePolicy

      - signatures/rulesets/unarchivePolicy.sgn

      - lib/xpud3_73.zip

      - lib/xpud3_73.sgn

      - etc/update.ini

Red Hat Enterprise Linux 3 and later (x86 and x64)

    o New Checks

      - RHSA-2007-1076

      - RHSA-2007-1083

      - RHSA-2007-1086

      - RHSA-2007-1104

      - RHSA-2007-1114

      - RHSA-2007-1117

      - RHSA-2007-1126

      - RHSA-2007-1128

      - RHSA-2007-1129

      - RHSA-2007-1130

      - RHSA-2007-1155

      - RHSA-2007-1157

      - RHSA-2007-1165

      - RHSA-2007-1166

      - RHSA-2007-1176

      - RHSA-2007-1177

    o Updated Policies

      - Initial-1

      - Initial-All

      - Maintenance-1

      - Maintenance-All

      - RHSA

    o X-Press Update Files

      - rulesets/unarchivePolicy

      - signatures/rulesets/unarchivePolicy.sgn

      - lib/xpud3_73.zip

      - lib/xpud3_73.sgn

      - etc/update.ini

Sun Solaris 8 (SPARC)

    o Updated Patch Database

      - bin/patch_Solaris.data

      - bin/patch_Solaris.ref

    o X-Press Update Files

      - rulesets/unarchivePolicy

      - signatures/rulesets/unarchivePolicy.sgn

      - lib/xpud3_73.zip

      - lib/xpud3_73.sgn

      - etc/update.ini

Sun Solaris 9 (SPARC)

    o Updated Patch Database

      - bin/patch_Solaris.data

      - bin/patch_Solaris.ref

    o X-Press Update Files

      - rulesets/unarchivePolicy

      - signatures/rulesets/unarchivePolicy.sgn

      - lib/xpud3_73.zip

      - lib/xpud3_73.sgn

      - etc/update.ini

Sun Solaris 10 (SPARC)

    o Updated Patch Database

      - bin/patch_Solaris.data

      - bin/patch_Solaris.ref

    o X-Press Update Files

      - rulesets/unarchivePolicy

      - signatures/rulesets/unarchivePolicy.sgn

      - lib/xpud3_73.zip

      - lib/xpud3_73.sgn

      - etc/update.ini