CCE-27696-4| Platform: apache-httpd2.2 | Date: (C)2013-02-19 (M)2022-10-10 |
Apache's process ID (PID) file's Unix permissions should be configured appropriately.
Parameter:
(1) permissions
Technical Mechanism:
(1) via chmod
| CCSS Severity: | CCSS Metrics: |
| CCSS Score : | Attack Vector: |
| Exploit Score: | Attack Complexity: |
| Impact Score: | Privileges Required: |
| Severity: | User Interaction: |
| Vector: | Scope: |
| | Confidentiality: |
| | Integrity: |
| | Availability: |
| | |
References: | Resource Id | Reference |
|---|
| CIS Security Configuration Benchmark For Apache Web Server 2.2 Version 3.1.0 June 11th, 2012 | 1.3.8 Pid File Security (Level 1, Scorable)
Change the permissions so that the directory is only writable by root, or the user under which apache initially starts up (default is root), Page 25 |
| DISA STIG Apache SERVER 2.2 for Unix Release: 1 Benchmark Date: 23 Nov 2011 | Rule Title: The process ID (PID) file must be properly secured.
STIG ID: WA00530 A22 Rule ID: SV-33222r1_rule Vuln ID: V-26305
Severity: CAT II Class: Unclass |
