Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-215322 | AIX7-00-003005 | SV-215322r508663_rule | High |
Description |
---|
The listed applications permit the transmission of passwords in plain text. Alternative applications such as SSH, which encrypt data, should be use instead. |
STIG | Date |
---|---|
IBM AIX 7.x Security Technical Implementation Guide | 2021-06-16 |
Check Text ( C-16520r294417_chk ) |
---|
From the command prompt, execute the following commands: # ls -l /usr/bin/rcp | awk '{print $1}' # ls -l /usr/bin/rlogin | awk '{print $1}' # ls -l /usr/bin/rsh | awk '{print $1}' # ls -l /usr/bin/telnet | awk '{print $1}' # ls -l /usr/bin/rexec | awk '{print $1}' Each of the above commands should return with the following permissions: ---------- If the permissions are more permissive, this is a finding. |
Fix Text (F-16518r294418_fix) |
---|
Use the chmod command to remove all permissions on these commands: # chmod ugo= /usr/bin/rcp # chmod ugo= /usr/bin/rlogin # chmod ugo= /usr/bin/rsh # chmod ugo= /usr/bin/rexec # chmod ugo= /usr/bin/telnet |