Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
A production OHS Installation must prohibit the installation of a compiler.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-64655 | OH12-1X-000208 | SV-79145r1_rule | Medium |
| Description |
|---|
| The presence of a compiler on a production server facilitates the malicious user’s task of creating custom versions of programs and installing Trojan Horses or viruses. For example, the attacker’s code can be uploaded and compiled on the server under attack. |
| STIG | Date |
|---|---|
| Oracle HTTP Server 12.1.3 Security Technical Implementation Guide | 2020-06-12 |
Details
| Check Text ( C-65397r1_chk ) |
|---|
| 1. Ask the System Administrator if a compiler is installed on the system. 2. If it is, this is a finding. |
| Fix Text (F-70585r1_fix) |
|---|
| Ask the System Administrator to remove any compilers installed on the system. |