The following is a description of the elements, types, and attributes that compose the IOS-specific system characteristic items found in Open Vulnerability and Assessment Language (OVAL). Each item is an extension of the standard item element defined in the Core System Characteristic Schema. Through extension, each item inherits a set of elements and attributes that are shared amongst all OVAL Items. Each item is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high-level description of the interaction between the different tests and their relationship to the Core System Characteristic Schema is not outlined here.
The OVAL Schema is maintained by The Mitre Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.
IOS System Characteristics
5.1
6 November 2006
schematron validation of the Cisco IOS portion of an OVAL System Characteristics file
Stores information about the existence of a particular line in the ios config file under the global context.
item - datatype attribute for the global_command entity of a global_item should be 'string'
item - datatype attribute for the name entity of a global_item should be 'string'
item - datatype attribute for the ip_directed_broadcast_command entity of a global_item should be 'string'
item - datatype attribute for the no_ip_directed_broadcast_command entity of a global_item should be 'string'
item - datatype attribute for the proxy_arp_command entity of a global_item should be 'string'
item - datatype attribute for the shutdown_command entity of a global_item should be 'string'
Stores the properties of specific lines in the ios config file.
The name of the SHOW sub-command.
item - datatype attribute for the show_subcommand entity of a line_item should be 'string'
The value returned by the specified SHOW sub-command.
item - datatype attribute for the config_line entity of a line_item should be 'string'
Stores results from collecting lines under the global context associated with snmp.
item - datatype attribute for the access_list entity of a snmp_item should be 'string'
The tclsh item holds information about the availability of tcl on the IOS operating system. It extends the standard ItemType as defined in the oval-system-characteristics schema and one should refer to the ItemType description for more information.
This boolean entity describes whether TCLSH is available on the system. A value of true means that TCLSH is available. Per Cisco documentation, the accepted way to see if the device supports tcl functionality is to enter the tcl shell. If the attempt results in a tcl prompt then the device supports tclsh and has it enabled.
item - datatype attribute for the available entity of a tclsh_item should be 'boolean'
The version item holds information about the version of the IOS operating system. It extends the standard ItemType as defined in the oval-system-characteristics schema and one should refer to the ItemType description for more information.
The major_release is a combination of train and rebuild information and is used by Cisco advisories to identify major releases.
The train number is the dotted version that starts a version string. For example, the version string 12.2(3)T has a train number of 12.2.
The train identifier is the type of train. For example, the version string 12.2(3)T has a train identifier of T. Please see the EntityItemTrainIdentifierType for more information about the different train identifiers.
The version entity holds the raw string output of a 'show version' command.
The EntityTrainIdentifierType restricts a string value to a specific set of values that describe the different types of trains in a Cisco IOS release. The empty string is also allowed to support empty elements associated with error conditions.
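The datatype assertions listed on this page, applied to a small item fragment, as an added example (it is not part of the OVAL schema or its Schematron rules). The sample XML, its placeholder namespace, and the treatment of a missing datatype attribute as 'string' are assumptions.

```python
import xml.etree.ElementTree as ET

# (item, entity) -> required datatype, copied from the assertion messages on this page.
RULES = {
    ("global_item", "global_command"): "string",
    ("global_item", "name"): "string",
    ("global_item", "ip_directed_broadcast_command"): "string",
    ("global_item", "no_ip_directed_broadcast_command"): "string",
    ("global_item", "proxy_arp_command"): "string",
    ("global_item", "shutdown_command"): "string",
    ("line_item", "show_subcommand"): "string",
    ("line_item", "config_line"): "string",
    ("snmp_item", "access_list"): "string",
    ("tclsh_item", "available"): "boolean",
}

def local(tag):
    """Strip an XML namespace prefix of the form {uri}name."""
    return tag.rsplit("}", 1)[-1]

def check_datatypes(xml_text):
    """Return one message per entity whose datatype breaks a rule above."""
    findings = []
    for item in ET.fromstring(xml_text).iter():
        for entity in item:
            expected = RULES.get((local(item.tag), local(entity.tag)))
            if expected is None:
                continue
            # Assumption: a missing datatype attribute means 'string'.
            actual = entity.get("datatype", "string")
            if actual != expected:
                findings.append(
                    f"item {item.get('id')} - datatype attribute for the "
                    f"{local(entity.tag)} entity of a {local(item.tag)} "
                    f"should be '{expected}', found '{actual}'")
    return findings

# Constructed sample; the namespace URI is a placeholder, not taken from the page.
SAMPLE = """<system_data xmlns="urn:example:ios-sc">
  <line_item id="1"><show_subcommand datatype="string">show running-config</show_subcommand>
    <config_line datatype="int">no ip http server</config_line></line_item>
  <tclsh_item id="2"><available>true</available></tclsh_item>
  <snmp_item id="3"><access_list>10</access_list></snmp_item>
</system_data>"""

if __name__ == "__main__":
    for finding in check_datatypes(SAMPLE):
        print(finding)
```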