[BESAdmin-Announcements] Content Modification Announcement - BigFix Security Configuration Management (SCM) DISA Benchmarks for Unix

Announcements for BES Administrators besadmin-announcements at bigmail.bigfix.com
Wed Dec 29 15:41:47 PST 2010 

BigFix, an IBM Company, has modified content in the following Security
Configuration Management (SCM) v3 benchmarks:

----AFFECTED SITES----
SCM Checklist for DISA STIG on AIX 5.1
SCM Checklist for DISA STIG on AIX 5.2
SCM Checklist for DISA STIG on AIX 5.3
SCM Checklist for DISA STIG on AIX 6.1
SCM Checklist for DISA STIG on HPUX 11.00
SCM Checklist for DISA STIG on HPUX 11.11
SCM Checklist for DISA STIG on HPUX 11.23
SCM Checklist for DISA STIG on RHEL 3
SCM Checklist for DISA STIG on RHEL 4
SCM Checklist for DISA STIG on RHEL 5
SCM Checklist for DISA STIG on Solaris 8
SCM Checklist for DISA STIG on Solaris 9
SCM Checklist for DISA STIG on Solaris 10


----CHANGES----
GEN003020 "Cron Executes Programs in World Writable Directories"
Corrected an issue in which the script would hang if a directory referenced
by a cron job was not mounted.
The Fixlet has been modified to proceed if a directory referenced by a cron
job is not available at scan time.

GEN003440 "AT programs umask"
Corrected an issue in which the script would hang if an 'AT' job referenced
a FIFO.
The Fixlet has been modified to only check the at jobs themselves as
specified by the DISA documentation dated 27 August 2010.

GEN001280, GEN001300, GEN001360, GEN002160, GEN002180, GEN005360c,
GEN006340, GEN006360
Corrected an issue with the packaging system that affected a utility script
(./util/update_find_out) that could cause the remediation actions of these
fixlets to fail.

ALL FIXLETS
Metadata were added to all fixlets and tasks to support the forthcoming
Tivoli Endpoint Manager for Security and Compliance Analytics product (pka
DSS SCM).


----KNOWN ISSUES----
Although each fixlet now has the following text at the bottom of the
description, the link is not yet present. It will be available in an
upcoming release.
"After the system scan has completed you can click on the following link to
see the actual values configured on each system:"


----ACTIONS TO TAKE----
All customers that currently license the SCMv3 solution module, SCVM
solution pack, or SLM+SCVM solution bundle may gather this content update.
BES administrators are encouraged to verify open actions as necessary.  If
you are using custom sites based on BigFix content, you will need to
manually update the content in those sites with the corresponding content
in the BigFix external sites.


Please contact BigFix Technical Support if you have any questions regarding
this change.

Thank you.

--
Application Engineering Team
BigFix, an IBM Company

More information about the Besadmin-announcements mailing list