Quantcast

oval:org.mitre.oval:def:28575

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

oval:org.mitre.oval:def:28575

Love, Samantha

Mike,

 

 

Is this the correct way to write this definition?

 

Since the test is “at least one”  this is true if > 14.0.0.0 (true) OR > 17.0.0.134 (false).    Should it be check=”all”, as both must be true?

 

<registry_test id="oval:org.mitre.oval:tst:140870" version="1" comment="Check if the version of Adobe Flash Player is greater than or equal 14.0.0.0 and less than 17.0.0.134" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">

  <object object_ref="oval:org.mitre.oval:obj:7290" />

  <state state_ref="oval:org.mitre.oval:ste:39545" />   

  <state state_ref="oval:org.mitre.oval:ste:39503" />

  </registry_test>

 

 

- <registry_state id="oval:org.mitre.oval:ste:39545" version="1" comment="Version is less than 17.0.0.134" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">

  <value datatype="version" operation="less than">17.0.0.134</value>

  </registry_state>

 

- <registry_state id="oval:org.mitre.oval:ste:39503" version="1" comment="Version is greater than or equal 14.0.0.0" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">

  <value datatype="version" operation="greater than or equal">14.0.0.0</value>

  </registry_state>

 

 

From: Love, Samantha
Sent: Wednesday, July 29, 2015 4:25 PM
To: Ciper, Ralph
Subject:

 

http://oval.mitre.org/repository/data/item/show?id=oval%3aorg.mitre.oval%3atst%3a141142

 


Samantha Love

DTCC Global Vulnerability Detection & Management

Technology Risk Management (TRM)

Tampa, FL (EST)

(813) 470-2164 | [hidden email]

 

cid:image002.jpg@01CF111C.3642D5E0

cid:image004.jpg@01D04AB3.33A8B440

 

Visit us at www.dtcc.com or follow us on Twitter @The_DTCC and on LinkedIn.

To learn about career opportunities at DTCC, please visit dtcc.com/careers.

 


DTCC DISCLAIMER: This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error, please notify us immediately and delete the email and any attachments from your system. The recipient should check this email and any attachments for the presence of viruses.  The company accepts no liability for any damage caused by any virus transmitted by this email. To unsubscribe, send an email message to [hidden email] with SIGNOFF OVAL-DISCUSSION-LIST in the BODY of the message. If you have difficulties, write to [hidden email].
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: oval:org.mitre.oval:def:28575

David Solin-3
Hi Samantha,

The state_operator attribute of a test determines how the states are combined.  Since there is no state_operator specified in that registry_test, the default value of AND is used (meaning both states must match).

Best regards,
—David Solin

David A. Solin
Co-Founder, Research & Technology
[hidden email]

Joval Continuous Monitoring

Facebook Linkedin



On Jul 29, 2015, at 4:01 PM, Love, Samantha <[hidden email]> wrote:

Mike,
 
 
Is this the correct way to write this definition?
 
Since the test is “at least one”  this is true if > 14.0.0.0 (true) OR > 17.0.0.134 (false).    Should it be check=”all”, as both must be true?
 
<registry_test id="oval:org.mitre.oval:tst:140870" version="1" comment="Check if the version of Adobe Flash Player is greater than or equal 14.0.0.0 and less than 17.0.0.134" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
  <object object_ref="oval:org.mitre.oval:obj:7290" /> 
  <state state_ref="oval:org.mitre.oval:ste:39545" />   
  <state state_ref="oval:org.mitre.oval:ste:39503" /> 
  </registry_test>
 
 
- <registry_state id="oval:org.mitre.oval:ste:39545" version="1" comment="Version is less than 17.0.0.134" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
  <value datatype="version" operation="less than">17.0.0.134</value>
  </registry_state>
 
- <registry_state id="oval:org.mitre.oval:ste:39503" version="1" comment="Version is greater than or equal 14.0.0.0" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
  <value datatype="version" operation="greater than or equal">14.0.0.0</value>
  </registry_state>
 
 
From: Love, Samantha 
Sent: Wednesday, July 29, 2015 4:25 PM
To: Ciper, Ralph
Subject:
 
 

Samantha Love
DTCC Global Vulnerability Detection & Management
Technology Risk Management (TRM)
Tampa, FL (EST)
(813) 470-2164 | [hidden email]
 
<image001.jpg>
<image002.jpg>
 
Visit us at www.dtcc.com or follow us on Twitter @The_DTCC and on LinkedIn.

To learn about career opportunities at DTCC, please visit dtcc.com/careers.

 

DTCC DISCLAIMER: This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error, please notify us immediately and delete the email and any attachments from your system. The recipient should check this email and any attachments for the presence of viruses.  The company accepts no liability for any damage caused by any virus transmitted by this email. To unsubscribe, send an email message to [hidden email] with SIGNOFF OVAL-DISCUSSION-LIST in the BODY of the message. If you have difficulties, write to [hidden email].

To unsubscribe, send an email message to [hidden email] with SIGNOFF OVAL-DISCUSSION-LIST in the BODY of the message. If you have difficulties, write to [hidden email].
Loading...