Listing 2: Output from security patch checking script
Listing 2a - Example from AIX system with only vulnerabilities listed SYSTEM / 1 > /usr/local/bin/security/check_CERT.sh 1) 05/23/94,CA-94.09 /bin/login Vulnerability - Checking There was no data for IX44254 in the fix database. 2) 02/22/96,CA-96.04 corrupt info from servers - Fix in progress 3) 09/18/96,CA-96.20 Sendmail Vulnerabilities - Checking All filesets for IX61304 were found. Not all filesets for IX61305 were found. 4) 11/21/96,CA-96.24 sendmail daemon mode - Checking Not all filesets for IX63068 were found. 5) 05/07/97,CA-97.13 - Vulnerability in xlock - Checking There was no data for IX68191 in the fix database. 6) 12/17/97,CA-97.27 - FTP bounce - Checking There was no data for IX73076 in the fix database. 7) 01/21/98,CA-98.02 - CDE - Checking There was no data for IX73437 in the fix database. Listing 2b - Example from AIX system showing status of all advisories SYSTEM / 1 > /usr/local/bin/security/check_CERT.sh -v 1) 04/12/96,AIX - 3.2.5 rmail vulnerability - Not applicable 2) 04/03/97,AIX - Buffer overflows in NLS environment variables - Checking All filesets for IX67377 were found. 3) 04/03/97,AIX - LIBPATH not ignored for setgid executables - Checking All filesets for IX66344 were found. 4) 10/31/97,AIX - Local users can become root - Checking All filesets for IX70815 were found. 5) 06/02/97,AIX - lquerylv buffer overflow - Checking All filesets for IX66232 were found. 6) 10/31/97,AIX - Remote ftp servers can cause arbitrary commands to
|