The TFTP service daemon must not be installed unless required.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-216291 | SOL-11.1-020140 | SV-216291r603267_rule | High |
| Description |
|---|
| TFTP is an insecure protocol. |
| STIG | Date |
|---|---|
| Solaris 11 SPARC Security Technical Implementation Guide | 2021-11-23 |
Details
| Check Text ( C-17527r370961_chk ) |
|---|
| Determine if the TFTP package is installed. # pkg list service/network/tftp If an installed package named "/service/network/tftp" is listed and not required for operations, this is a finding. |
| Fix Text (F-17525r370962_fix) |
|---|
| The Software Installation Profile is required. # pfexec pkg uninstall install/installadm # pfexec pkg uninstall service/network/tftp |