[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-91157-8

Platform: ubuntu14.04Date: (C)2017-03-14   (M)2023-07-04



Ensure FTP Server is not enabled (Not Scored) The File Transfer Protocol (FTP) provides networked computers with the ability to transfer files.


Parameter:


Technical Mechanism:

FTP does not protect the confidentiality of data or authentication credentials. It is recommended sftp be used if file transfer is required. Unless there is a need to run the system as a FTP server (for example, to allow anonymous downloads), it is recommended that the package be deleted to reduce the potential attack surface. Fix: Remove or comment out start lines in /etc/init/vsftpd.conf: # start on runlevel [2345] or net-device-up IFACE!=lo

CCSS Severity:CCSS Metrics:
CCSS Score : Attack Vector:
Exploit Score: Attack Complexity:
Impact Score: Privileges Required:
Severity: User Interaction:
Vector: Scope:
 Confidentiality:
 Integrity:
 Availability:
  

References:
Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:33877


OVAL    1
oval:org.secpod.oval:def:33877
XCCDF    1
xccdf_org.secpod_benchmark_general_Ubuntu_14_04

© SecPod Technologies