ID OPENVAS:1361412562310109839 Type openvas Reporter Copyright (c) 2018 Greenbone Networks GmbH Modified 2019-12-10T00:00:00
Description
Ziel des Bausteins SYS.2.2.3 ist der Schutz von Informationen,
die durch und auf Windows 10-Clients verarbeiten werden.
Die Basis-Anforderung
# Copyright (C) 2018 Greenbone Networks GmbH
#
# SPDX-License-Identifier: GPL-2.0-or-later
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.109839");
script_version("2019-12-10T14:14:33+0000");
script_tag(name:"last_modification", value:"2019-12-10 14:14:33 +0000 (Tue, 10 Dec 2019)");
script_tag(name:"creation_date", value:"2018-08-27 13:03:22 +0200 (Mon, 27 Aug 2018)");
script_tag(name:"cvss_base", value:"0.0");
script_tag(name:"cvss_base_vector", value:"AV:L/AC:H/Au:S/C:N/I:N/A:N");
script_tag(name:"qod", value:"97");
script_name("SYS.2.2.3.A3");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2018 Greenbone Networks GmbH");
script_family("IT-Grundschutz");
script_mandatory_keys("Compliance/Launch/GSHB-ITG");
script_dependencies("smb_reg_service_pack.nasl", "os_detection.nasl");
script_xref(name:"URL", value:"https://www.bsi.bund.de/DE/Themen/ITGrundschutz/ITGrundschutzKompendium/bausteine/SYS/SYS_2_2_3_Clients_unter_Windows_10.html");
script_tag(name:"summary", value:"Ziel des Bausteins SYS.2.2.3 ist der Schutz von Informationen,
die durch und auf Windows 10-Clients verarbeiten werden.
Die Basis-Anforderung 'A3: Geeignetes Patch- und Aenderungsmanagement' beschreibt, dass die Microsoft
Windows 10 Systeme einem Aenderung- und Patch-Management unterliegen muessen, welches der Komplexitaet
eines Updates gerecht wird.");
exit(0);
}
include("itg.inc");
include("policy_functions.inc");
include("host_details.inc");
if (!itg_start_requirement(level:"Basis"))
exit(0);
title = "Geeignetes Patch- und Aenderungsmanagement";
# Create and set kb entries for GSHB_Kompendium VT
if (!policy_host_runs_windows_10()) {
result = itg_result_wrong_target();
desc = itg_desc_wrong_target();
itg_set_kb_entries(result:result, desc:desc, title:title, id:"SYS.2.2.3.A3");
exit(0);
}
desc = itg_no_automatic_test();
result = itg_no_automatic_test();
# Create report matching Greenbone Compliance Report requirements
report = policy_build_report(result:result, default:"None", compliant:"yes", fixtext:"None",
type:"None", test:"None", info:desc);
itg_report(report:report);
itg_set_kb_entries(result:result, desc:desc, title:title, id:"SYS.2.2.3.A3");
exit(0);
{"id": "OPENVAS:1361412562310109839", "bulletinFamily": "scanner", "title": "SYS.2.2.3.A3", "description": "Ziel des Bausteins SYS.2.2.3 ist der Schutz von Informationen,\ndie durch und auf Windows 10-Clients verarbeiten werden.\n\nDie Basis-Anforderung ", "published": "2018-08-27T00:00:00", "modified": "2019-12-10T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310109839", "reporter": "Copyright (c) 2018 Greenbone Networks GmbH", "references": ["https://www.bsi.bund.de/DE/Themen/ITGrundschutz/ITGrundschutzKompendium/bausteine/SYS/SYS_2_2_3_Clients_unter_Windows_10.html"], "cvelist": [], "type": "openvas", "lastseen": "2019-12-11T18:20:31", "history": [{"bulletin": {"bulletinFamily": "scanner", "cvelist": [], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "Ziel des Bausteins SYS.2.2.3 ist der Schutz von Informationen,\ndie durch und auf Windows 10-Clients verarbeiten werden.\n\nDie Basis-Anforderung ", "edition": 2, "enchantments": {"dependencies": {"modified": "2019-12-09T15:25:59", "references": []}, "score": {"modified": "2019-12-09T15:25:59", "value": 0.3, "vector": "NONE"}}, "hash": "32ca3e8ba900ad74cef0cfcb53d64141d91dc1b5ebb9e90dfabd3a02bacc47be", "hashmap": [{"hash": "31f9c7c4b3162ca6e29bcfdaca7de04a", "key": "href"}, {"hash": "68314057c68360c7c3d67f9620c93096", "key": "description"}, {"hash": "35a0564e2c9e99df925fcf579bc88c4d", "key": "modified"}, {"hash": "c024f888c770613205fc22e94da79807", "key": "title"}, {"hash": "1e33e470633d7c2b1c4cedcc47f7e725", "key": "pluginID"}, {"hash": "c34f2a1b223842e879d2102257dfb962", "key": "sourceData"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "e8d03c740c4aae3dc63bb6633e3dbcd8", "key": "reporter"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "74d86ddf41ab66748778a91ba10ee177", "key": "references"}, {"hash": "a34726de3deab18b6628b764a24ed527", "key": "published"}, {"hash": "b67060941ad1387cbbb8ba2b55043b2a", "key": "naslFamily"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310109839", "id": "OPENVAS:1361412562310109839", "lastseen": "2019-12-09T15:25:59", "modified": "2019-11-15T00:00:00", "naslFamily": "IT-Grundschutz", "objectVersion": "1.3", "pluginID": "1361412562310109839", "published": "2018-08-27T00:00:00", "references": ["https://www.bsi.bund.de/DE/Themen/ITGrundschutz/ITGrundschutzKompendium/bausteine/SYS/SYS_2_2_3_Clients_unter_Windows_10.html"], "reporter": "Copyright (c) 2018 Greenbone Networks GmbH", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.109839\");\n script_version(\"2019-11-15T12:19:04+0000\");\n script_tag(name:\"last_modification\", value:\"2019-11-15 12:19:04 +0000 (Fri, 15 Nov 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-08-27 13:03:22 +0200 (Mon, 27 Aug 2018)\");\n script_tag(name:\"cvss_base\", value:\"0.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:H/Au:S/C:N/I:N/A:N\");\n script_tag(name:\"qod\", value:\"97\");\n script_name(\"SYS.2.2.3.A3\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2018 Greenbone Networks GmbH\");\n script_family(\"IT-Grundschutz\");\n script_mandatory_keys(\"Compliance/Launch/GSHB-ITG\");\n script_dependencies(\"smb_reg_service_pack.nasl\", \"os_detection.nasl\");\n\n script_xref(name:\"URL\", value:\"https://www.bsi.bund.de/DE/Themen/ITGrundschutz/ITGrundschutzKompendium/bausteine/SYS/SYS_2_2_3_Clients_unter_Windows_10.html\");\n\n script_tag(name:\"summary\", value:\"Ziel des Bausteins SYS.2.2.3 ist der Schutz von Informationen,\ndie durch und auf Windows 10-Clients verarbeiten werden.\n\nDie Basis-Anforderung 'A3: Geeignetes Patch- und Aenderungsmanagement' beschreibt, dass die Microsoft\nWindows 10 Systeme einem Aenderung- und Patch-Management unterliegen muessen, welches der Komplexitaet\neines Updates gerecht wird.\");\n\n exit(0);\n}\n\ninclude(\"itg.inc\");\ninclude(\"policy_functions.inc\");\ninclude(\"host_details.inc\");\n\nif (!itg_start_requirement(level:\"Basis\"))\n exit(0);\n\ntitle = \"Geeignetes Patch- und Aenderungsmanagement\";\n\n# Create and set kb entries for GSHB_Kompendium VT\nif (!policy_host_runs_windows_10()) {\n result = itg_result_wrong_target();\n desc = itg_desc_wrong_target();\n} else {\n desc = itg_no_automatic_test();\n result = itg_no_automatic_test();\n}\nitg_set_kb_entries(result:result, desc:desc, title:title, id:\"SYS.2.2.3.A3\");\n\n# Create report matching Greenbone Compliance Report requirements\nreport = policy_build_report(result:result, default:\"None\", compliant:\"yes\", fixtext:\"None\",\n type:\"None\", test:\"None\", info:desc);\nitg_report(report:report);\n\nexit(0);", "title": "SYS.2.2.3.A3", "type": "openvas", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 2, "lastseen": "2019-12-09T15:25:59"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": [], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "Ziel des Bausteins SYS.2.2.3 ist der Schutz von Informationen,\ndie durch und auf Windows 10-Clients verarbeiten werden.\n\nDie Basis-Anforderung ", "edition": 1, "enchantments": {"dependencies": {"modified": "2019-04-18T14:20:55", "references": []}, "score": {"modified": "2019-04-18T14:20:55", "value": 0.5, "vector": "NONE"}}, "hash": "617b9337221fc7123e4d7adcd6f79eee7a13d16a95b83ac0cb8bf14b8df43fb9", "hashmap": [{"hash": "31f9c7c4b3162ca6e29bcfdaca7de04a", "key": "href"}, {"hash": "68314057c68360c7c3d67f9620c93096", "key": "description"}, {"hash": "c024f888c770613205fc22e94da79807", "key": "title"}, {"hash": "1e33e470633d7c2b1c4cedcc47f7e725", "key": "pluginID"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "e8d03c740c4aae3dc63bb6633e3dbcd8", "key": "reporter"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "ee03ddba7c70c3438158303612a236a6", "key": "sourceData"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "987b6f11bbfeafafe016d8d79278b4fc", "key": "modified"}, {"hash": "74d86ddf41ab66748778a91ba10ee177", "key": "references"}, {"hash": "a34726de3deab18b6628b764a24ed527", "key": "published"}, {"hash": "b67060941ad1387cbbb8ba2b55043b2a", "key": "naslFamily"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310109839", "id": "OPENVAS:1361412562310109839", "lastseen": "2019-04-18T14:20:55", "modified": "2019-04-17T00:00:00", "naslFamily": "IT-Grundschutz", "objectVersion": "1.3", "pluginID": "1361412562310109839", "published": "2018-08-27T00:00:00", "references": ["https://www.bsi.bund.de/DE/Themen/ITGrundschutz/ITGrundschutzKompendium/bausteine/SYS/SYS_2_2_3_Clients_unter_Windows_10.html"], "reporter": "Copyright (c) 2018 Greenbone Networks GmbH", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.109839\");\n script_version(\"2019-04-17T10:11:48+0000\");\n script_tag(name:\"last_modification\", value:\"2019-04-17 10:11:48 +0000 (Wed, 17 Apr 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-08-27 13:03:22 +0200 (Mon, 27 Aug 2018)\");\n script_tag(name:\"cvss_base\", value:\"0.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:H/Au:S/C:N/I:N/A:N\");\n script_tag(name:\"qod\", value:\"97\");\n script_name(\"SYS.2.2.3.A3\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2018 Greenbone Networks GmbH\");\n script_family(\"IT-Grundschutz\");\n script_mandatory_keys(\"Compliance/Launch/GSHB-ITG\");\n script_dependencies(\"smb_reg_service_pack.nasl\", \"os_detection.nasl\");\n\n script_xref(name:\"URL\", value:\"https://www.bsi.bund.de/DE/Themen/ITGrundschutz/ITGrundschutzKompendium/bausteine/SYS/SYS_2_2_3_Clients_unter_Windows_10.html\");\n\n script_tag(name:\"summary\", value:\"Ziel des Bausteins SYS.2.2.3 ist der Schutz von Informationen,\ndie durch und auf Windows 10-Clients verarbeiten werden.\n\nDie Basis-Anforderung 'A3: Geeignetes Patch- und Aenderungsmanagement' beschreibt, dass die Microsoft\nWindows 10 Systeme einem Aenderung- und Patch-Management unterliegen muessen, welches der Komplexitaet\neines Updates gerecht wird.\");\n\n exit(0);\n}\n\ninclude(\"itg.inc\");\ninclude(\"host_details.inc\");\n\nif(!itg_start_requirement(level:\"Basis\"))\n exit(0);\n\ntitle = \"Geeignetes Patch- und Aenderungsmanagement\";\nset_kb_item(name:\"GSHB/SYS.2.2.3.A3/title\", value:title);\n\nhost_cpe = best_os_cpe();\nif(\"microsoft:windows_10\" >< host_cpe) {\n desc = \"Diese Vorgabe muss manuell ueberprueft werden.\";\n result = \"Diese Vorgabe muss manuell ueberprueft werden.\";\n} else {\n result = \"nicht zutreffend\";\n desc = \"Host ist kein Microsoft Windows 10 System.\";\n}\n\nset_kb_item(name:\"GSHB/SYS.2.2.3.A3/result\", value:result);\nset_kb_item(name:\"GSHB/SYS.2.2.3.A3/desc\", value:desc);\n\nsilent = get_kb_item(\"GSHB/silence\");\nif(!silent)\n itg_report(title:title, status:result, details:desc);\n\nexit(0);", "title": "SYS.2.2.3.A3", "type": "openvas", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 1, "lastseen": "2019-04-18T14:20:55"}], "edition": 3, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cvelist", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cvss", "hash": "8cd4821cb504d25572038ed182587d85"}, {"key": "description", "hash": "68314057c68360c7c3d67f9620c93096"}, {"key": "href", "hash": "31f9c7c4b3162ca6e29bcfdaca7de04a"}, {"key": "modified", "hash": "8f1c7b36b78edc057212351025d65180"}, {"key": "naslFamily", "hash": "b67060941ad1387cbbb8ba2b55043b2a"}, {"key": "pluginID", "hash": "1e33e470633d7c2b1c4cedcc47f7e725"}, {"key": "published", "hash": "a34726de3deab18b6628b764a24ed527"}, {"key": "references", "hash": "74d86ddf41ab66748778a91ba10ee177"}, {"key": "reporter", "hash": "e8d03c740c4aae3dc63bb6633e3dbcd8"}, {"key": "sourceData", "hash": "fd7298c6d1e3c98d5d1e9b96082bff6a"}, {"key": "title", "hash": "c024f888c770613205fc22e94da79807"}, {"key": "type", "hash": "47c1f692ea47a21f716dad07043ade01"}], "hash": "d837d95674c48f74c052e548fe27881fca0d2949538e5e5296c2af9e01da68b5", "viewCount": 0, "enchantments": {"dependencies": {"references": [], "modified": "2019-12-11T18:20:31"}, "score": {"value": 0.3, "vector": "NONE", "modified": "2019-12-11T18:20:31"}, "vulnersScore": 0.3}, "objectVersion": "1.3", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.109839\");\n script_version(\"2019-12-10T14:14:33+0000\");\n script_tag(name:\"last_modification\", value:\"2019-12-10 14:14:33 +0000 (Tue, 10 Dec 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-08-27 13:03:22 +0200 (Mon, 27 Aug 2018)\");\n script_tag(name:\"cvss_base\", value:\"0.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:H/Au:S/C:N/I:N/A:N\");\n script_tag(name:\"qod\", value:\"97\");\n script_name(\"SYS.2.2.3.A3\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2018 Greenbone Networks GmbH\");\n script_family(\"IT-Grundschutz\");\n script_mandatory_keys(\"Compliance/Launch/GSHB-ITG\");\n script_dependencies(\"smb_reg_service_pack.nasl\", \"os_detection.nasl\");\n\n script_xref(name:\"URL\", value:\"https://www.bsi.bund.de/DE/Themen/ITGrundschutz/ITGrundschutzKompendium/bausteine/SYS/SYS_2_2_3_Clients_unter_Windows_10.html\");\n\n script_tag(name:\"summary\", value:\"Ziel des Bausteins SYS.2.2.3 ist der Schutz von Informationen,\ndie durch und auf Windows 10-Clients verarbeiten werden.\n\nDie Basis-Anforderung 'A3: Geeignetes Patch- und Aenderungsmanagement' beschreibt, dass die Microsoft\nWindows 10 Systeme einem Aenderung- und Patch-Management unterliegen muessen, welches der Komplexitaet\neines Updates gerecht wird.\");\n\n exit(0);\n}\n\ninclude(\"itg.inc\");\ninclude(\"policy_functions.inc\");\ninclude(\"host_details.inc\");\n\nif (!itg_start_requirement(level:\"Basis\"))\n exit(0);\n\ntitle = \"Geeignetes Patch- und Aenderungsmanagement\";\n\n# Create and set kb entries for GSHB_Kompendium VT\nif (!policy_host_runs_windows_10()) {\n result = itg_result_wrong_target();\n desc = itg_desc_wrong_target();\n itg_set_kb_entries(result:result, desc:desc, title:title, id:\"SYS.2.2.3.A3\");\n exit(0);\n}\n\ndesc = itg_no_automatic_test();\nresult = itg_no_automatic_test();\n# Create report matching Greenbone Compliance Report requirements\nreport = policy_build_report(result:result, default:\"None\", compliant:\"yes\", fixtext:\"None\",\n type:\"None\", test:\"None\", info:desc);\n\nitg_report(report:report);\nitg_set_kb_entries(result:result, desc:desc, title:title, id:\"SYS.2.2.3.A3\");\n\nexit(0);", "naslFamily": "IT-Grundschutz", "pluginID": "1361412562310109839", "scheme": null}
