[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-26891-2

Platform: cpe:/o:centos:centos:6, cpe:/o:oracle:linux:6, cpe:/o:redhat:enterprise_linux:6Date: (C)2014-09-10   (M)2023-07-04



To further limit access to the root account, administrators can disable root logins at the console by editing the /etc/securetty file. This file lists all devices the root user is allowed to login to. If the file does not exist at all, the root user can login through any communication device on the system, whether via the console or via a raw network interface. This is dangerous as user can login to his machine as root via Telnet, which sends the password in plain text over the network. By default, CentOS Enteprise Linux"s /etc/securetty file only allows the root user to login at the console physically attached to the machine. To prevent root from logging in, remove the contents of this file. To prevent direct root logins, remove the contents of this file by typing the following command: echo > /etc/securetty


Parameter:

[]


Technical Mechanism:

CCSS Severity:CCSS Metrics:
CCSS Score : 8.1Attack Vector: NETWORK
Exploit Score: 2.2Attack Complexity: HIGH
Impact Score: 5.9Privileges Required: NONE
Severity: HIGHUser Interaction: NONE
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HScope: UNCHANGED
 Confidentiality: HIGH
 Integrity: HIGH
 Availability: HIGH
  

References:
Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:53809
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:21983
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:20299


OVAL    3
oval:org.secpod.oval:def:53809
oval:org.secpod.oval:def:20299
oval:org.secpod.oval:def:21983
XCCDF    3
xccdf_org.secpod_benchmark_general_OEL_6
xccdf_org.secpod_benchmark_general_RHEL_6
xccdf_org.secpod_benchmark_general_CENTOS_6

© SecPod Technologies