Details

Excessive permissions on the ftpaccess.ctl file could permit unauthorized modification. Unauthorized modification could result in Denial of Service to authorized FTP users or permit unauthorized access to system information.

Solution

Remove the extended ACL from the /etc/ftpaccess.ctl file.

#acledit /etc/ftpaccess.ctl
Disable extended permissions.

Supportive Information

The following resource is also helpful.

• https://iasecontent.disa.mil/stigs/zip/U_AIX_6-1_V1R14_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Access Control, Configuration Management.This control applies to the following type of system Unix.

References

• 800-53|AC-6
• 800-53|CM-6b.
• CAT|II
• CCI|CCI-000225
• CCI|CCI-000366
• Group-ID|V-29523
• Rule-ID|SV-38754r1_rule
• STIG-ID|GEN000000-AIX0350
• Vuln-ID|V-29523

Source

• Tenable.com/audits