Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-22579 | GEN008480 | SV-26970r2_rule | ECSC-1 | Low |
Description |
---|
USB is a common computer peripheral interface. USB devices may include storage devices that could be used to install malicious software on a system or exfiltrate data. |
STIG | Date |
---|---|
Solaris 9 X86 Security Technical Implementation Guide | 2014-01-08 |
Check Text ( C-27917r4_chk ) |
---|
If the system needs USB storage, this vulnerability is not applicable. Use the usbsecure.pl script to determine if USB storage is enabled. If USB storage is enabled, this is a finding. The script should be obtained from an authoritative channel. A link to the script from the Sun Developers Network is http://dsc.sun.com/solaris/driverdev/reference/codesamples/usb_security/index.html |
Fix Text (F-24232r3_fix) |
---|
Use the usbsecure.pl script to disable USB storage. The script should be obtained from an authoritative channel. A link to the script from the Sun Developers Network is http://dsc.sun.com/solaris/driverdev/reference/codesamples/usb_security/index.html |