[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

243238

 
 

909

 
 

192833

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-90931-7

Platform: rhel7,centos7Date: (C)2017-06-29   (M)2022-10-10



Disable Automatic Bug Reporting Tool (abrtd) The Automatic Bug Reporting Tool ('abrtd') daemon collects and reports crash data when an application crash is detected. Using a variety of plugins, abrtd can email crash reports to system administrators, log crash reports to files, or forward crash reports to a centralized issue tracking system such as RHTSupport. The 'abrtd' service can be disabled with the following command: '$ sudo systemctl disable abrtd'


Parameter:


Technical Mechanism:

Mishandling crash data could expose sensitive information about vulnerabilities in software executing on the local machine, as well as sensitive information from within a process's address space or registers. Fix: # # Disable abrtd.service for all systemd targets # systemctl disable abrtd.service # # Stop abrtd.service if currently running # systemctl stop abrtd.service

CCSS Severity:CCSS Metrics:
CCSS Score : Attack Vector:
Exploit Score: Attack Complexity:
Impact Score: Privileges Required:
Severity: User Interaction:
Vector: Scope:
 Confidentiality:
 Integrity:
 Availability:
  

References:
Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:30587
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:31310


OVAL    2
oval:org.secpod.oval:def:30587
oval:org.secpod.oval:def:31310

© SecPod Technologies