GEN000000-AIX0320 – The /etc/ftpaccess.ctl file must be owned by root.

Details

If the ftpaccess.ctl file is not owned by root, an unauthorized user may modify the file to allow unauthorized access to change the file. Unauthorized modification could result in Denial of Service to authorized FTP users or permit unauthorized access to system information.

Solution

Change the owner of the ftpaccess.ctl file to root.

# chown root /etc/ftpaccess.ctl

Supportive Information

The following resource is also helpful.

https://iasecontent.disa.mil/stigs/zip/U_AIX_6-1_V1R14_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Access Control, Configuration Management.This control applies to the following type of system Unix.

References

800-53|AC-6
800-53|CM-6b.
CAT|II
CCI|CCI-000225
CCI|CCI-000366
CSCv6|3.1
Group-ID|V-29520
Rule-ID|SV-38751r1_rule
STIG-ID|GEN000000-AIX0320
Vuln-ID|V-29520

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles