[Forgot Password]
Login  Register Subscribe

23631

 
 

115083

 
 

97147

 
 

909

 
 

78730

 
 

109

Paid content will be excluded from the download.


Download | Alert*


CCE-6495-6
traceroute executable should be owned by an appropriate user

CCE-6517-7
/etc/security/audit_control file permissions should be set appropriately

CCE-7317-1
Sendmail expn command should be allowed or not as appropriate

CCE-7547-3
Users should be listed in the ASET userlist file or not as appropriate

CCE-7438-5
/etc/notrouter file should be owned by an appropriate group

CCE-7272-8
/var/adm/loginlog file permissions should be set appropriately

CCE-6868-4
Creation/modification of superuser groups should be audited or not as appropriate

CCE-7393-2
At directory should be owned by an appropriate group

CCE-7501-0
The /var/adm/utmp[x] log should be enabled or disabled as appropriate

CCE-7186-0
Filesystem logging/journaling should be performed or not as appropriate

CCE-6603-5
The bind service should be enabled or disabled as appropriate.

CCE-7491-4
rsh auth should be allowed or disallowed by PAM as appropriate

CCE-6977-3
Non attributable events (na class) should be audited or not as appropriate

CCE-6690-2
auth usage should be audited or not as appropriate

CCE-6299-2
sprayd service should be enabled or disabled as appropriate

CCE-7283-5
crontab files should be owned by an appropriate user

CCE-7031-8
The lockd service should be enabled or disabled as appropriate

CCE-7381-7
System rshd logons should be audited or not as appropriate

CCE-6276-0
Source-routed packets should be accepted or rejected as appropriate.

CCE-6582-1
/var/log/pamlog file should be owned by an appropriate user

CCE-7152-2
The use of NIS special characters (+ or -) in the first field of the /etc/group file should be allowed or disallowed as appropriate.

CCE-7449-2
IP redirects should be followed or ignored as appropriate

CCE-7305-6
cron.deny data should be owned by an appropriate group

CCE-7250-4
The /bin/rsh file should exist or not as appropriate

CCE-7559-8
The /var/log/syslog log should be enabled or disabled as appropriate

CCE-6712-4
The /etc/hosts.equiv file should exist or not as appropriate.

CCE-6746-2
tftpd service should be enabled or disabled as appropriate

CCE-7020-1
/var/adm/syslog file permissions should be set appropriately

CCE-7414-6
Sending of IP redirects should be enabled or disabled as appropriate

CCE-7437-7
DEPRECATED in favor of CCE-7009-4.

CCE-7066-4
The SSH login banner should be set appropriately.

CCE-7089-6
vino-server service should be enabled or disabled as appropriate

CCE-6341-2
Samba 'encrypt' passwords option should be set as appropriate

CCE-7262-9
DEPRECATED.

CCE-7141-5
The default login console should be set appropriately

CCE-7164-7
Login accounts should include an appropriate GECOS identifier or no GECOS identifier

CCE-6953-4
/etc/inetd.conf file permissions should be set appropriately

CCE-7187-8
/etc/hosts file permissions should be set appropriately

CCE-6976-5
.rhosts files should exist or not as appropriate for all users.

CCE-7380-9
/etc/rmmount.conf file should be owned by an appropriate user

CCE-8665-2
/etc/auto.master file should be owned by an appropriate group

CCE-7282-7
/etc/samba/smb.conf file should be owned by an appropriate group

CCE-6485-7
Response to ICMP timestamp broadcast requests should be enabled or disabled as appropriate

CCE-7078-9
/usr/lib/sendmail file should be owned by an appropriate group

CCE-8359-2
Exported files and directories should be owned by an appropriate group

CCE-7153-0
daytime service should be enabled or disabled as appropriate

CCE-7766-9
/etc/auto.misc file should be owned by an appropriate group

CCE-6659-7
The chown system call should be audited or not as appropriate

CCE-7176-1
/usr/bin/sh file permissions should be set appropriately

CCE-7130-8
Response to ICMP timestamp requests should be enabled or disabled as appropriate

CCE-7251-2
at.allow file permissions should be set appropriately

CCE-7304-9
/etc/named.boot file should be owned by an appropriate group

CCE-7270-2
/etc/passwd file should be owned by an appropriate group

CCE-7067-2
ftp service should be enabled or disabled as appropriate

CCE-7293-4
/etc/fs file permissions should be set appropriately

CCE-6308-1
rexec service should be enabled or disabled as appropriate

CCE-7436-9
DEPRECATED.

CCE-7459-1
Exported files and directories should be owned by an appropriate user

CCE-6933-6
/bin/csh file permissions should be set appropriately

CCE-7188-6
Default number of allowed retries should be set appropriately

CCE-7240-5
/var/adm/wtmp file permissions should be set appropriately

CCE-6910-4
DEPRECATED in favor of CCE-7009-4.

CCE-7315-5
The default number of syslog failed logins retried should be set appropriately

CCE-7568-9
Hard core dump size limits should be set appropriately

CCE-6945-0
rquotad service should be enabled or disabled as appropriate

CCE-7010-2
/usr/aset/userlist file permissions should be set appropriately

CCE-7326-2
smbpassword file permissions should be set appropriately

CCE-7056-5
DEPRECATED.

CCE-6835-3
/etc/dfs file permissions should be set appropriately

CCE-8314-7
/etc/auto.net file should be owned by an appropriate user

CCE-6580-5
cron.allow file should be owned by an appropriate group

CCE-7401-3
Programs executed through aliases file entries should be owned by an appropriate group

CCE-7424-5
/etc/rmmount.conf file permissions should be set appropriately

CCE-7154-8
The mountd service should be enabled or disabled as appropriate

CCE-6737-1
/etc/exports should be owned by an appropriate group

CCE-6264-6
The Network Time Protocol (ntp) synchronization server should be set appropriately.

CCE-7120-9
Crontab file permissions should be set appropriately

CCE-7292-6
snmpd.conf file permissions should be set appropriately

CCE-6287-7
rcp service should be enabled or disabled as appropriate

CCE-7390-8
System ssh logons should be audited or not as appropriate

CCE-7022-7
/etc/sh file permissions should be set appropriately

CCE-7045-8
finger service should be enabled or disabled as appropriate

CCE-7412-0
DEPRECATED.

CCE-6604-3
font-service should be enabled or disabled as appropriate

CCE-7665-3
Root logins should be allowed or not as appropriate from SSH consoles

CCE-7458-3
The current wokring directory should or should not be added to the environmental variable PATH by global initialization files as appropriate

CCE-7264-5
Samba 'smb passwd file' option should be set to an appropriate password file or no password file

CCE-7189-4
The nfsd service should be enabled or disabled as appropriate

CCE-7241-3
/etc/syslog.conf file should be owned by an appropriate user

CCE-7337-9
/etc/exports file permissions should be set appropriately

CCE-7521-8
System rexecd logons should be audited or not as appropriate

CCE-6702-5
The seteuid system call should be audited or not as appropriate

CCE-7280-1
DEPRECATED.

CCE-7533-3
The TCP max connection limit should be set appropriately

CCE-6921-1
The user umask should be set appropriately

CCE-7011-0
/etc/vfstab file permissions should be set appropriately

CCE-7302-3
Default su console should be set appropriately

CCE-7057-3
Multicast route assignment should be enabled or disabled as appropriate

CCE-7510-1
The /var/adm/messages log should be enabled or disabled as appropriate

CCE-6581-3
Default sleeptime should be set appropriately

CCE-7253-8
The setegid system call should be audited or not as appropriate

CCE-7400-5
/etc/resolv.conf file should be owned by an appropriate group

CCE-7230-6
Samba should be enabled or disabled as appropriate

CCE-6615-9
/etc/motd file permissions should be set appropriately

CCE-8171-1
The at.allow file should be configured with the set of users permitted to use the at facility as appropriate.

CCE-7155-5
The current working directory should or should not be added to the environmental variable PATH by local initialization files as appropriate

CCE-6944-3
rlogin auth should be allowed by pam.d or not as appropriate

CCE-7348-6
The /usr/bin/rsh file should exist or not as appropriate

CCE-6713-2
The inetd service should be enabled or disabled as appropriate.

CCE-7178-7
System rlogin logons should be audited or not as appropriate

CCE-7359-3
DEPRECATED.

CCE-6950-0
/etc/host.lpd file permissions should be set appropriately

CCE-6536-7
Groups referenced in /etc/passwd should be included in /etc/group or not as appropriate.

CCE-7000-3
NFS server logging should be enabled or disabled as appropriate

CCE-7336-1
Crontab directory permissions should be set appropriately

CCE-7069-8
/etc/pam.conf file permissions should be set appropriately

CCE-6491-5
File permissions should be set appropriately for all user home directories.

CCE-6645-6
/etc/csh file permissions should be set appropriately

CCE-7457-5
Each user home directory should be owned by an appropriate user.

CCE-6198-6
Password policy should enforce the correct amount of special characters

CCE-6841-1
Accounts other than root should be allowed to have the UID 0 or not as appropriate

CCE-6668-8
/usr/bin/at file permissions should be set appropriately

CCE-7167-0
DEPRECATED.

CCE-7434-4
DEPRECATED.

CCE-7265-2
/etc/security/audit_event file should be owned by an appropriate user

CCE-7242-1
/etc/named.boot file should be owned by an appropriate user

CCE-7144-9
/etc/cron.d/at.allow file permissions should be set appropriately

CCE-7653-9
Caching of the RBAC prof_attr should be enabled or disabled as appropriate

CCE-6610-0
/etc/hostname* file permissions should be set appropriately

CCE-7058-1
imap2 service should be enabled or disabled as appropriate

CCE-7110-0
DEPRECATED.

CCE-6633-2
traceroute executable should be owned by an appropriate group

CCE-6656-3
Routing should be enabled or disabled as appropriate

CCE-7035-9
DEPRECATED.

CCE-6480-8
DEPRECATED.

CCE-7445-0
DEPRECATED.

CCE-7254-6
su usage should be audited or not as appropriate

CCE-7231-4
resolv.conf file permissions should be set appropriately

CCE-7468-2
The high security directory list should be set appropriately

CCE-7156-3
chargen service should be enabled or disabled as appropriate

CCE-7290-0
NIS+ server should operate at an appropriate security level

CCE-7179-5
/etc/named.conf file permissions should be set appropriately

CCE-7347-8
/var/adm/messages file permissions should be set appropriately

CCE-7335-3
ARP cleanup interval should be set appropriately

CCE-6995-5
/opt should be configured on an appropriate filesystem partition

CCE-7312-2
DEPRECATED.

CCE-7358-5
/etc/notrouter file should be owned by an appropriate user

CCE-7542-4
auditing should be logged to an appropriate directory

CCE-6307-3
rusersd service should be enabled or disabled as appropriate

CCE-7024-3
New users should be required or not required to change their password on first login as appropriate

CCE-6285-1
Executable stack should be enabled or disabled as appropriate

CCE-6919-5
Password policy should ban or allow words found in a dictionary as appropriate.

CCE-7243-9
/tmp file permissions should be set appropriately

CCE-6439-4
/etc/aliases file permissions should be set appropriately

CCE-7220-7
The read-only (ro) option should be enabled or disabled as appropriate for all NFS exports.

CCE-7588-7
System ftp logons should be audited or not as appropriate

CCE-7145-6
uucp service should be enabled or disabled as appropriate

CCE-6730-6
The /var/log/pamlog log should be enabled or disabled as appropriate

CCE-7577-0
The free space threshold to warn at should be set appropriately

CCE-7300-7
/etc/passwd file should be owned by an appropriate user

CCE-6503-7
DEPRECATED in favor of CCE-7736-2.

CCE-6481-6
snmpd.conf file should be owned by an appropriate group

CCE-6632-4
The shell for the root account should be located on the appropriate filesystem

CCE-6886-6
Programs executed through aliases file entries should be owned by an appropriate user

CCE-7444-3
/etc/security/audit_event file should be owned by an appropriate group

CCE-7059-9
tooltalk service should be enabled or disabled as appropriate

CCE-6428-7
Cron log file permissions should be set appropriately

CCE-6405-5
At directory should be owned by an appropriate user

CCE-7157-1
.shosts files should exist or not as appropriate for all users.

CCE-7232-2
Root logins should be restricted to the console or not as appropriate.

CCE-7323-9
PAM should be logged at an appropriate level

CCE-6549-0
/etc/security/audit_class file permissions should be set appropriately

CCE-6961-7
Samba 'security option' option should be set as appropriate

CCE-6394-1
/etc/services file permissions should be set appropriately

CCE-7839-4
The at.deny file should be configured with the set of users not permitted to use the at facility as appropriate.

CCE-6768-6
/etc/default/* file permissions should be set appropriately

CCE-7025-0
DEPRECATED.

CCE-6459-2
DEPRECATED.

CCE-6624-1
The /etc/ftpusers file should exist or not as appropriate

CCE-7267-8
/bin/sh file permissions should be set appropriately

CCE-7244-7
PAM access to /dev/console should be logged at an appropriate level or not logged as appropriate

CCE-6601-9
cron.allow file should be owned by an appropriate user

CCE-7432-8
ARP IRE interval should be set appropriately

CCE-6511-0
/var/log/pamlog file permissions should be set appropriately

CCE-6998-9
Cron logging should be enabled or disabled as appropriate

CCE-6557-3
Samba 'hosts allow' option should be configured with an appropriate set of networks

CCE-7146-4
The minimum password age should be set as appropriate

CCE-6196-0
Core dump size limits should be set appropriately

CCE-7169-6
The Solaris Automated Security Enhancement Tool (ASET) tune.med file should exist or not as appropriate

CCE-7158-9
Programs executed through the aliases file should reside a directory with an appropriate user owner

CCE-7368-4
DEPRECATED.

CCE-7553-1
/etc/security/audit_class file should be owned by an appropriate group

CCE-6338-8
Programs executed through the aliases file should be owned by an appropriate user

CCE-6733-0
/etc/syslog.conf file permissions should be set appropriately

CCE-7345-2
DEPRECATED in favor of CCE-7839-4.

CCE-6877-5
NFS should be configured to respond or not as appropriate to client requests that do not originate from a privileged port

CCE-7210-8
/var/adm/utmp file permissions should be set appropriately

CCE-7420-3
/usr/aset/masters/uid_aliases should contain an appropriate listing of aliases

CCE-6328-9
.forward files should be allowed or disallowed as appropriate for all users

CCE-7101-9
/usr/kerberos/bin/rsh file permissions should be set appropriately

CCE-7586-1
Password changes should be audited or not as appropriate

CCE-6767-8
at.allow file should be owned by an appropriate group

CCE-7310-6
The ASET periodic schedule setting should be set appropriately

CCE-7049-0
Password policy should enforce or not enforce the requirement to have mixed case passwords as appropriate.

CCE-6600-1
DEPRECATED.

CCE-7003-7
/bin/bash file permissions should be set appropriately

CCE-6260-4
Home directories referenced in /etc/passwd should exist or not as appropriate

CCE-6490-7
/usr/bin/jsh file permissions should be set appropriately

CCE-7563-0
ASET should check NIS+ tables or not as appropriate

CCE-7268-6
Each user home directory should be owned by an appropriate group.

CCE-6646-4
IP forwarding should be enabled or disabled as appropriate

CCE-6865-0
Strict destination multihoming should be enabled or disabled as appropriate

CCE-7222-3
/etc/security/audit_control file should be owned by an appropriate group

CCE-7245-4
Remote (serial) consoles should be enabled or disabled as appropriate.

CCE-6899-9
su usage should be audited or not as appropriate

CCE-7147-2
inetd.conf file should be owned by an appropriate group

CCE-6951-8
The read/write SNMP community string should be set appropriately.

CCE-6721-5
/sbin/jsh file permissions should be set appropriately

CCE-7344-5
The UID aliases pointer should be set appropriately

CCE-7159-7
/var/mail file permissions should be set appropriately

CCE-6778-5
/etc/security file permissions should be set appropriately

CCE-7113-4
.Xauthority file permissions should be set appropriately for all users.

CCE-6876-7
Global initialization files should allow or deny write access to the terminal as appropriate

CCE-7038-3
Authorized X-clients should be listed or not in the X*.hosts file as appropriate

CCE-7234-8
rstatd service should be enabled or disabled as appropriate

CCE-7488-0
TCP reverse source routes should be enabled or disabled as appropriate

CCE-6218-2
The console login banner should be set appropriately.

CCE-8602-5
NFS should be configured to respond or not as appropriate to client requests that do not include a user id .

CCE-6392-5
/etc/mail/aliases file permissions should be set appropriately

CCE-7136-5
/bin/jsh file permissions should be set appropriately

CCE-7607-5
DEPRECATED.

CCE-7080-5
The minimum required password length should be set as appropriate

CCE-7355-1
/usr/tmp file permissions should be set appropriately

CCE-7378-3
Cron directories should be owned by an appropriate user

CCE-6434-5
The number of consecutive failed login attempts required to trigger a lockout should be set as appropriate

CCE-6641-5
Forwarding of source routed packets should be enabled or disabled as appropriate

CCE-7453-4
DEPRECATED.

CCE-7269-4
/usr/bin/csh file permissions should be set appropriately

CCE-7223-1
/etc/rmmount.conf file should be owned by an appropriate group

CCE-6860-1
at.deny file should be owned by an appropriate user

CCE-6194-5
/var should be configured on an appropriate filesystem partition

CCE-7430-2
DEPRECATED.

CCE-7125-8
/etc/samba/smb.conf file should be owned by an appropriate user

CCE-7320-5
/var/log directory should be owned by an appropriate user

CCE-7343-7
DEPRECATED.

CCE-6981-5
The read-only SNMP community string should be set appropriately.

CCE-7366-8
/usr/lib/embedded_us file permissions should be set appropriately

CCE-6469-1
/etc/services file should be owned by an appropriate user

CCE-6400-6
/etc/vold.conf file permissions should be set appropriately

CCE-7258-7
The home directory for each user account should be set appropriately.

CCE-6928-6
/var/adm/authlog file permissions should be set appropriately

CCE-7016-9
The noexec_user_stack flag should be set on the user stack or not as appropriate

CCE-7441-9
smbpasswd executable should be owned by an appropriate group

CCE-6567-2
rlogin service should be enabled or disabled as appropriate

CCE-8494-7
/etc/auto.misc file should be owned by an appropriate user

CCE-7137-3
walld service should be enabled or disabled as appropriate

CCE-7126-6
Generic PAM authentication should be enabled or disabled as appropriate

CCE-7584-6
/var/adm directory should be owned by an appropriate user

CCE-7149-8
ident service should be enabled or disabled as appropriate

CCE-7103-5
rlogin auth should be allowed or disallowed by PAM as appropriate

CCE-6991-4
/etc/shadow file permissions should be set appropriately

CCE-6579-7
Attempted stack eploit logging should be enabled or disabled as appropriate

CCE-7005-2
telnet service should be enabled or disabled as appropriate

CCE-7331-2
The current directory should or should not be added to the environmental variable PATH by run control scripts as appropriate

CCE-6640-7
Response to echo (ping) request broadcasts should be enabled or disabled as appropriate

CCE-7190-2
/etc/security/audit_class file should be owned by an appropriate user

CCE-7028-4
The delay between failed logins should be set as appropriate

CCE-7201-7
All logon attempts should be logged or not logged as appropriate

CCE-7247-0
smbpasswd file should be owned by an appropriate group

CCE-7092-0
/etc/named.conf file should be owned by an appropriate user

CCE-7388-2
DEPRECATED in favor of CCE-7009-4.

CCE-6927-8
/etc/cron.d/cron.allow file permissions should be set appropriately

CCE-7017-7
Response to ICMP echo (ping) requests should be enabled or disabled as appropriate

CCE-7259-5
X-Windows should be enabled or disabled as appropriate

CCE-6390-9
/etc/issue file permissions should be set appropriately

CCE-7236-3
Crontab directories should be owned by an appropriate user

CCE-6904-7
/etc/shadow file should be owned by an appropriate group

CCE-8264-4
/etc/auto.net file should be owned by an appropriate group

CCE-6697-7
/etc/init.d file permissions should be set appropriately

CCE-7486-4
The low security directory list should be set appropriately

CCE-6568-0
DEPRECATED in favor of CCE-8665-2, CCE-7766-9, CCE-8264-4.

CCE-7115-9
/etc/resolv.conf file should be owned by an appropriate user

CCE-7440-1
DEPRECATED.

CCE-7127-4
EEPROM warning banner should be set appropriately

CCE-7104-3
Access to single-user mode (maintainence mode) should require the root password or not as appropriate

CCE-6787-6
DEPRECATED in favor of CCE-8221-4.

CCE-7376-7
Aliases file permissions should be set appropriately

CCE-7353-6
/sbin/bash file permissions should be set appropriately

CCE-6643-1
The decode sendmail alias should be enabled or disabled as appropriate.

CCE-7029-2
/dev/null file permissions should be set appropriately

CCE-7248-8
/etc/samba/smb.conf file permissions should be set appropriately

CCE-7278-5
/sbin/sh file permissions should be set appropriately

CCE-7225-6
cron.deny should be owned by an appropriate user

CCE-6620-9
The TCP abort interval should be set appropriately

CCE-7474-0
/var directory should be owned by an appropriate user

CCE-7497-1
DEPRECATED in favor of CCE-7736-2.

CCE-6741-3
Response to mask addresses should be enabled or disabled as appropriate

CCE-6323-0
All files should be owned by an existing group or not as appropriate.

CCE-7399-9
The /var/adm/sulog log should be enabled or disabled as appropriate

CCE-7071-4
DEPRECATED.

CCE-6983-1
smbpasswd file should be owned by an appropriate user

CCE-7289-2
The /etc/rsh file should exist or not as appropriate

CCE-7341-1
The Solaris Automated Security Enhancement Tool (ASET) tune.low file should exist or not as appropriate

CCE-6885-8
Response to ICMP timestamp requests should be enabled or disabled as appropriate

CCE-6850-2
DEPRECATED.

CCE-7214-0
The /etc/shells file should exist or not as appropriate

CCE-7237-1
inetd.conf file should be owned by an appropriate user

CCE-6677-9
The setreuid system call should be audited or not as appropriate

CCE-6565-6
/usr/aset/userlist file should be owned by an appropriate group

CCE-8221-4
The cron.deny file should be configured with the set of users not permitted to use the cron facility as appropriate.

CCE-6311-5
.netrc files should exist or not as appropriate for all users.

CCE-7375-9
Environmental variable PATH for superuser accounts should not contain the current directory as the first or last entry

CCE-7352-8
DEPRECATED.

CCE-7105-0
The ntpd service should be enabled or disabled as appropriate.

CCE-6324-8
The home directory for the root account should be set appropriately.

CCE-7060-7
DEPRECATED in favor of CCE-8221-4.

CCE-7398-1
DEPRECATED.

CCE-6479-0
DEPRECATED.

CCE-6665-4
The lchown system call should be audited or not as appropriate

CCE-7277-7
The setpgrp system call should be audited or not as appropriate

CCE-6861-9
/etc/default/login file permissions should be set appropriately

CCE-7249-6
discard service should be enabled or disabled as appropriate

CCE-6895-7
File permissions should be set appropriately for all shell executables.

CCE-7203-3
at.allow file should be owned by an appropriate user

CCE-6688-6
The ftp account should exist or not as appropriate

CCE-7496-3
Response to ICMP timestamp broadcast requests should be enabled or disabled as appropriate

CCE-7363-5
/etc/exports should be owned by an appropriate user

CCE-7095-3
traceroute executable file permissions should be set appropriately

CCE-8330-3
NIS server should be enabled or disabled as appropriate

CCE-7238-9
Environmental variable PATH for superuser accounts should or should not contain world-writable files as appropriate

CCE-7340-3
/usr/lib/sendmail file permissions should be set appropriately

CCE-7215-7
Cron directory permissions should be set appropriately

CCE-7181-1
cron.deny file permissions should be set appropriately

CCE-6630-8
inn service should be enabled or disabled as appropriate

CCE-7461-7
/usr/lib/sendmail file should be owned by an appropriate user

CCE-6929-4
The user audit file should contain an appropriate set of never-audit flags

CCE-7193-6
DEPRECTATED in favor of CCE-8421-0 and CCE-8330-3

CCE-7117-5
The use of NIS special characters (+ or -) in the first field of the /etc/shadow file should be allowed or disallowed as appropriate.

CCE-7603-4
System ftp logoffs should be audited or not as appropriate

CCE-7626-5
Forwarding of source routed IPv6 packets should be enabled or disabled as appropriate

CCE-7299-1
The sendmail banner should be set appropriately.

CCE-7397-3
/var/tmp file permissions should be set appropriately

CCE-6367-7
at.deny file permissions should be set appropriately

CCE-6683-7
The graphical login banner should be set appropriately.

CCE-6453-5
Sendmail should be enabled or disabled as appropriate

CCE-6803-1
inetd logging should be enabled or disabled as appropriate

CCE-7276-9
DEPRECATED.

CCE-7351-0
Crontab directories should be owned by an appropriate group

CCE-7581-2
Caching of the RBAC exec_attr should be enabled or disabled as appropriate

CCE-7008-6
/etc/jsh file permissions should be set appropriately

CCE-6321-4
TCP_WRAPPERS should be enabled or disabled as appropriate

CCE-6935-1
The Solaris Automated Security Enhancement Tool (ASET) tune.high file should exist or not as appropriate

CCE-7118-3
rexd service should be enabled or disabled as appropriate

CCE-6837-9
The ftp login banner should be set appropriately.

CCE-7096-1
Sendmail should be configured with an appropriate logging level

CCE-7216-5
DEPRECATED.

CCE-7171-2
/bin/ksh file permissions should be set appropriately

CCE-7460-9
snmpd.conf file should be owned by an appropriate user

CCE-7309-8
The /sbin/rsh file should exist or not as appropriate

CCE-6378-4
/dev/mem file permissions should be set appropriately

CCE-7194-4
cron.allow file permissions should be set appropriately

CCE-7407-0
DEPRECATED.

CCE-7483-1
Clearing of the audit log file should be audited or not as appropriate

CCE-6947-6
The version string reported by the bind service should be configured appropriately.

CCE-6563-1
DEPRECATED.

CCE-7062-3
The nosuid option should be enabled or disabled for all NFS mounts as appropriate

CCE-8488-9
/etc/auto.master file should be owned by an appropriate user

CCE-7275-1
xdmcp service should be enabled or disabled as appropriate

CCE-7350-2
System rexd logons should be audited or not as appropriate

CCE-7580-4
Use of identification/authorization mechanisms should be audited or not as appropriate

CCE-7009-4
login and logout events (lo class) should be audited or not as appropriate

CCE-7228-0
X-Windows should write .Xauthority files to users' home directories or not as appropriate

CCE-7471-6
smbpasswd executable should be owned by an appropriate user

CCE-7736-2
The cron.allow file should be configured with the set of users permitted to use the cron facility as appropriate.

CCE-7183-7
The use of NIS special characters (+ or -) in the first field of the /etc/passwd file should be allowed or disallowed as appropriate.

CCE-6575-5
DEPRECATED.

CCE-6606-8
chmod command should be audited or not as appropriate

CCE-7107-6
IPv6 forwarding should be enabled or disabled as appropriate

CCE-6322-2
SNMP version 1 should be enabled or disabled as appropriate

CCE-7119-1
All device files should be located inside an appropriate path

CCE-7308-0
/etc/named.conf file should be owned by an appropriate group

CCE-7361-9
The system umask should be set appropriately

CCE-7406-2
/etc/security/audit_control file should be owned by an appropriate user

CCE-6670-4
crontab files should be owned by an appropriate group

CCE-7286-8
/usr/bin/ksh file permissions should be set appropriately

CCE-7097-9
NFS should be configured with appropriate authentication methods

CCE-7172-0
SSH Protocol v1 should be enabled or disabled as appropriate

CCE-7217-3
File permissions should be set as appropriate for the log file configured to capture critical sendmail messages.

CCE-6489-9
Sendmail vrfy command should be allowed or not as appropriate

CCE-6379-2
/usr/bin/bash file permissions should be set appropriately

CCE-6258-8
Shells referenced in /etc/passwd should be included in /etc/shells or not as appropriate

CCE-7482-3
rlogin auth should be allowed by pam.d or not as appropriate

CCE-6541-7
echo service should be enabled or disabled as appropriate

CCE-6474-1
/etc/services file should be owned by an appropriate group

CCE-7086-2
Password history should be saved for an appropriate number of password changes

CCE-7063-1
Superuser account home directories' permissions should be set appropriately

CCE-6805-6
/etc/notrouter file permissions should be set appropriately

CCE-6990-6
/var/adm/sulog file permissions should be set appropriately

CCE-7274-4
pop3 service should be enabled or disabled as appropriate

CCE-6685-2
cmsd service should be enabled or disabled as appropriate

CCE-7206-6
DEPRECATED in favor of CCE-8171-1.

CCE-6342-0
The "at" utility directory permissions should be set as appropriate

CCE-7161-3
Cron directories should be owned by an appropriate group

CCE-7184-5
/etc/ksh file permissions should be set appropriately

CCE-7470-8
DEPRECATED in favor of CE-8488-9, CCE-8494-7 and CCE-8314-7.

CCE-7503-6
Forwarding of directed broadcasts should be enabled or disabled as appropriate

CCE-6609-2
The /var/adm/wtmp[x] log should be enabled or disabled as appropriate

CCE-8236-2
The chmod system call should be audited or not as appropriate

CCE-6267-9
Automount should be enabled or disabled as appropriate

CCE-7526-7
The setregid system call should be audited or not as appropriate

CCE-6783-5
IPv6 should be enabled or disabled as appropriate

CCE-6595-3
The statd service should be enabled or disabled as appropriate

CCE-7108-4
All files should be owned by an existing account or not as appropriate.

CCE-7493-0
The setgroups system call should be audited or not as appropriate

CCE-6255-4
Each account should be assigned a unique UID or not as appropriate

CCE-7052-4
DEPRECATED.

CCE-7405-4
Print services through inetd should be enabled or disabled as appropriate

CCE-7515-0
DEPRECATED.

CCE-6673-8
Caching of the RBAC user_attr should be enabled or disabled as appropriate

CCE-6650-6
sadmin service should be enabled or disabled as appropriate

CCE-7098-7
rsh service should be enabled or disabled as appropriate

CCE-6903-9
The telnet login banner should be set appropriately.

CCE-6399-0
/etc/passwd file permissions should be set appropriately

CCE-7218-1
smbpassword executable permissions should be set appropriately

CCE-6696-9
Sendmail help command should be allowed or not as appropriate

CCE-7150-6
/dev/kmem file permissions should be set appropriately

CCE-7173-8
/export/home should be configured on an appropriate filesystem partition

CCE-6926-0
The screen lock should activate after an appropriate period of inactivity

CCE-7196-9
Login access to accounts without passwords should be enabled or disabled as appropriate

CCE-7481-5
DEPRECATED.

CCE-7307-2
dtspc (cde-spc) service should be enabled or disabled as appropriate

CCE-7087-0
/etc/netconfig file permissions should be set appropriately

CCE-7548-1
The uid_aliases file should exist or not as appropriate

CCE-6684-5
System telnet logons should be audited or not as appropriate

CCE-7064-9
DEPRECATED.

CCE-7273-6
/usr/lib/pt_chmod file permissions should be set appropriately

CCE-8421-0
NIS clinent should be enabled or disabled as appropriate

CCE-6661-3
The fchmod system call should be audited or not as appropriate

CCE-6452-7
at.deny file should be owned by an appropriate group

CCE-6891-6
The medium security directory list should be set appropriately

CCE-7296-7
DEPRECATED.

CCE-7207-4
/var/spool/mail file permissions should be set appropriately

CCE-7394-0
/var/log/pamlog file should be owned by an appropriate group

CCE-6729-8
DEPRECATED.

CCE-6936-9
/usr/bin/rdist file permissions should be set appropriately

CCE-7185-2
Accounts other than root and locked system accounts should be allowed to have a GID of 0 or not as appropriate

CCE-6550-8
/etc/security/audit_event file permissions should be set appropriately

CCE-7109-2
All files executed through /etc/aliases file entries should have file permissions set appropriately

CCE-7492-2
BSM auditing should be enabled or disabled as appropriate

CCE-6672-0
/sbin/ksh file permissions should be set appropriately

CCE-7076-3
/etc/shadow file should be owned by an appropriate user

CCE-7053-2
The default gateway should be set appropriately.

CCE-7514-3
EEPROM security mode should be set appropriately

CCE-7590-3
The fchown system call should be audited or not as appropriate

CCE-7404-7
/etc/syslog.conf file should be owned by an appropriate group

CCE-6880-9
/usr/aset/userlist file permissions should be set appropriately

CCE-6619-1
The /var/adm/sshlog log should be enabled or disabled as appropriate

CCE-6793-4
The /var/log/authlog log should be enabled or disabled as appropriate

CCE-7197-7
X11 forwarding via SSH should be enabled or disabled as appropriate.

CCE-7174-6
/usr/sbin/sync file permissions should be set appropriately

CCE-7306-4
DEPRECATED.

CCE-6902-1
All su (switch user) activity should be logged or not as appropriate

CCE-6562-3
/etc/ufs file permissions should be set appropriately

CCE-6585-4
netstat service should be enabled or disabled as appropriate

CCE-7329-6
/sbin/csh file permissions should be set appropriately

CCE-4909-8
DEPRECATED.

CCE-4923-9
DEPRECATED.

CVE    52
CVE-2011-2249
CVE-2011-2287
CVE-2011-2259
CVE-2011-2258
...
*CPE
cpe:/o:sun:sunos:5.9

© 2013 SecPod Technologies