[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-27627-9

Platform: apache-httpd2.2Date: (C)2013-02-19   (M)2022-10-10



The Unix permissions for all directories specified by Alias directives should be configured appropriately.


Parameter:

(1) permissions


Technical Mechanism:

(1) via chmod

CCSS Severity:CCSS Metrics:
CCSS Score : Attack Vector:
Exploit Score: Attack Complexity:
Impact Score: Privileges Required:
Severity: User Interaction:
Vector: Scope:
 Confidentiality:
 Integrity:
 Availability:
  

References:
Resource IdReference
CIS Security Configuration Benchmark For Apache Web Server 2.2 Version 3.1.0 June 11th, 20121.3.5 Apache Directory and File Permissions (Level 1, Scorable) The permission on the Apache directories should be rwxr-xr-x (755) and the file permissions should be similar except not executable if executable is not appropriate. Page 22-23
DISA STIG Apache SITE 2.2 for Unix Release: 1 Benchmark Date: 23 Nov 2011Rule Title: The web client account access to the content and scripts directories must be limited to read and execute. STIG ID: WG290 A22 Rule ID: SV-33027r1_rule Vuln ID: V-2258 Severity: CAT I Class: Unclass


CPE    1
cpe:/a:apache:http_server:2.2

© SecPod Technologies