Cover V07, I10
Article
Listing 1
Listing 2
Table 1

oct98.tar


Listing 2: Output from security patch checking script

Listing 2a - Example from AIX system with only vulnerabilities listed
SYSTEM / 1 > /usr/local/bin/security/check_CERT.sh
1) 05/23/94,CA-94.09 /bin/login Vulnerability - Checking
There was no data for IX44254 in the fix database.
2) 02/22/96,CA-96.04 corrupt info from servers - Fix in progress
3) 09/18/96,CA-96.20 Sendmail Vulnerabilities - Checking
All filesets for IX61304 were found.
Not all filesets for IX61305 were found.
4) 11/21/96,CA-96.24 sendmail daemon mode - Checking
Not all filesets for IX63068 were found.
5) 05/07/97,CA-97.13 - Vulnerability in xlock - Checking
There was no data for IX68191 in the fix database.
6) 12/17/97,CA-97.27 - FTP bounce - Checking
There was no data for IX73076 in the fix database.
7) 01/21/98,CA-98.02 - CDE - Checking
There was no data for IX73437 in the fix database.

Listing 2b - Example from AIX system showing status of all advisories
SYSTEM / 1 > /usr/local/bin/security/check_CERT.sh -v
1) 04/12/96,AIX - 3.2.5 rmail vulnerability - Not applicable
2) 04/03/97,AIX - Buffer overflows in NLS environment variables -
Checking All filesets for IX67377 were found.
3) 04/03/97,AIX - LIBPATH not ignored for setgid executables -
Checking All filesets for IX66344 were found.
4) 10/31/97,AIX - Local users can become root - Checking
All filesets for IX70815 were found.
5) 06/02/97,AIX - lquerylv buffer overflow - Checking
All filesets for IX66232 were found.
6) 10/31/97,AIX - Remote ftp servers can cause arbitrary commands to
run on local machine - Checking All filesets for IX70886 were found. 7) 03/18/97,CA-91.08 innd - NO DATA 8) 05/23/94,CA-94.09 /bin/login Vulnerability - Checking There was no data for IX44254 in the fix database.