I wrote a sample OVAL vulnerability that I thought some people may find useful. Feel free to copy the XML and edit it as needed. Also, please refer to the help files on writing OVAL checks within QualysGuard. They are located here: https://qualysguard.qualys.com/qwebhelp/fo_portal/index.htm - search for OVAL and navigate through the documentation.
NOTE - This is a sample that should only be used as a template to create additional OVAL checks. It is not a valid check (by design), however it contains a valid XML structure that can be used to create a valid OVAL check within QualysGuard
Please change the criteria, tests, etc to reflect the content you wish to have checked. Please refer to the OVAL archive for version 4.2, 4.1, and 4.0 as they are the versions that are supported. The archvie can be found here: http://oval.mitre.org/archive/
There is no warranty implied.