- Open Vulnerability and Assessment Language -
Element Dictionary

The following is a description of the elements, types, and attributes that compose the HP-UX specific tests found in Open Vulnerability and Assessment Language (OVAL). Each test is an extension of the standard test element defined in the Core Definition Schema. Through extension, each test inherits a set of elements and attributes that are shared amongst all OVAL tests. Each test is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between the different tests and their relationship to the Core Definition Schema is not outlined here.

The OVAL Schema is maintained by The Mitre Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.



< getconf_test >

From /usr/bin/getconf. See getconf manpage for specific fields

Child Elements Type MinOccurs MaxOccurs
object oval-def:ObjectRefType 1 1
state oval-def:StateRefType 0 1

< getconf_object >

Child Elements Type MinOccurs MaxOccurs
parameter_name oval-def:EntityObjectStringType 1 1
pathname oval-def:EntityObjectStringType 1 1

< getconf_state >

Child Elements Type MinOccurs MaxOccurs
parameter_name oval-def:EntityStateStringType 0 1
pathname oval-def:EntityStateStringType 0 1
output oval-def:EntityStateStringType 0 1



< patch53_test >

From /usr/sbin/swlist -l patch PHxx_yyyyy. See swlist manpage for specific fields

Child Elements Type MinOccurs MaxOccurs
object oval-def:ObjectRefType 1 1
state oval-def:StateRefType 0 1

< patch53_object >

Child Elements Type MinOccurs MaxOccurs
behaviors hpux-def:Patch53Behaviors 0 1
swtype oval-def:EntityObjectStringType 0 1
area_patched oval-def:EntityObjectStringType 0 1
patch_base oval-def:EntityObjectStringType 0 1

< patch53_state >

Child Elements Type MinOccurs MaxOccurs
swtype oval-def:EntityStateStringType 0 1
area_patched oval-def:EntityStateStringType 0 1
patch_base oval-def:EntityStateStringType 0 1

== Patch53Behaviors ==

These behaviors allow a more detailed definition of the patch53 objects being specified.

Attributes:

- supersedence n/a (optional -- default='false')



< patch_test >

This test has been deprecated and will be removed in version 6.0 of the language. Recommend use of the newer patch53_test.

From /usr/sbin/swlist -l patch PHxx_yyyyy. See swlist manpage for specific fields

Child Elements Type MinOccurs MaxOccurs
object oval-def:ObjectRefType 1 1
state oval-def:StateRefType 0 1

< patch_object >

This object has been deprecated and will be removed in version 6.0 of the language. Recommend use of the newer patch53_object.

Child Elements Type MinOccurs MaxOccurs
patch_name oval-def:EntityObjectStringType 1 1

< patch_state >

This state has been deprecated and will be removed in version 6.0 of the language. Recommend use of the newer patch53_state.

Child Elements Type MinOccurs MaxOccurs
patch_name oval-def:EntityStateStringType 0 1
swtype oval-def:EntityStateStringType 0 1
area_patched oval-def:EntityStateStringType 0 1
patch_base oval-def:EntityStateStringType 0 1



< swlist_test >

Output of /usr/sbin/swlist command. Note: A quick way to check for the installation of a specific fileset is to use the command 'swlist -a version -l fileset filesetname'. See manpage for swlist for explanation of additional command options.

Child Elements Type MinOccurs MaxOccurs
object oval-def:ObjectRefType 1 1
state oval-def:StateRefType 0 1

< swlist_object >

Child Elements Type MinOccurs MaxOccurs
swlist oval-def:EntityObjectStringType 1 1

< swlist_state >

Child Elements Type MinOccurs MaxOccurs
swlist oval-def:EntityStateStringType 0 1
bundle oval-def:EntityStateStringType 0 1
fileset oval-def:EntityStateStringType 0 1
version oval-def:EntityStateStringType 0 1
title oval-def:EntityStateStringType 0 1
vendor oval-def:EntityStateStringType 0 1



< trusted_test >

This test allows for analysis of account settings in trusted HP-UX installations

Child Elements Type MinOccurs MaxOccurs
object oval-def:ObjectRefType 1 1
state oval-def:StateRefType 0 1

< trusted_object >

Child Elements Type MinOccurs MaxOccurs
username oval-def:EntityObjectStringType 1 1

< trusted_state >

Child Elements Type MinOccurs MaxOccurs
username oval-def:EntityStateStringType 1 1
uid oval-def:EntityStateStringType 0 1
password oval-def:EntityStateStringType 0 1
account_owner oval-def:EntityStateStringType 0 1
boot_auth oval-def:EntityStateStringType 0 1
audit_id oval-def:EntityStateStringType 0 1
audit_flag oval-def:EntityStateStringType 0 1
pw_change_min oval-def:EntityStateStringType 0 1
pw_max_size oval-def:EntityStateStringType 0 1
pw_expiration oval-def:EntityStateStringType 0 1
pw_life oval-def:EntityStateStringType 0 1
pw_change_s oval-def:EntityStateStringType 0 1
pw_change_u oval-def:EntityStateStringType 0 1
acct_expire oval-def:EntityStateStringType 0 1
max_llogin oval-def:EntityStateStringType 0 1
exp_warning oval-def:EntityStateStringType 0 1
usr_chg_pw oval-def:EntityStateStringType 0 1
gen_pw oval-def:EntityStateStringType 0 1
pw_restrict oval-def:EntityStateStringType 0 1
pw_null oval-def:EntityStateStringType 0 1
pw_gen_char oval-def:EntityStateStringType 0 1
pw_gen_let oval-def:EntityStateStringType 0 1
login_time oval-def:EntityStateStringType 0 1
pw_changer oval-def:EntityStateStringType 0 1
login_time_s oval-def:EntityStateStringType 0 1
login_time_u oval-def:EntityStateStringType 0 1
login_tty_s oval-def:EntityStateStringType 0 1
login_tty_u oval-def:EntityStateStringType 0 1
num_u_logins oval-def:EntityStateStringType 0 1
max_u_logins oval-def:EntityStateStringType 0 1
lock_flag oval-def:EntityStateStringType 0 1