UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Network shell protocol is enabled in FireFox.


Overview

Finding ID Version Rule ID IA Controls Severity
V-15771 DTBF105 SV-16710r1_rule ECSC-1 Medium
Description
Although current version of Firefox have this set to disabled by default, use of this option can be harmful. This would allow the browser to access the Windows shell. This could allow access to the underlying system. This check verifies that the default setting has not been changed.
STIG Date
Mozilla FireFox 2012-09-05

Details

Check Text ( C-16615r1_chk )
Procedure: Open a browser window, type "about:config" in the address bar.

Criteria: If the "network.protocol-handler.external.shell" value is "false", then this is not a finding.
Fix Text (F-15988r1_fix)
Set the "network.protocol-handler.external.shell" value to "false"