Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-91295 | AIX7-00-003005 | SV-101393r1_rule | High |
Description |
---|
The listed applications permit the transmission of passwords in plain text. Alternative applications such as SSH, which encrypt data, should be use instead. |
STIG | Date |
---|---|
IBM AIX 7.x Security Technical Implementation Guide | 2019-04-29 |
Check Text ( C-90449r1_chk ) |
---|
From the command prompt, execute the following commands: # ls -l /usr/bin/rcp | awk '{print $1}' # ls -l /usr/bin/rlogin | awk '{print $1}' # ls -l /usr/bin/rsh | awk '{print $1}' # ls -l /usr/bin/telnet | awk '{print $1}' # ls -l /usr/bin/rexec | awk '{print $1}' Each of the above commands should return with the following permissions: ---------- If the permissions are more permissive, this is a finding. |
Fix Text (F-97493r1_fix) |
---|
Use the chmod command to remove all permissions on these commands: # chmod ugo= /usr/bin/rcp # chmod ugo= /usr/bin/rlogin # chmod ugo= /usr/bin/rsh # chmod ugo= /usr/bin/rexec # chmod ugo= /usr/bin/telnet |