[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248364

 
 

909

 
 

195388

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-95736-5

Platform: cpe:/o:ubuntu:ubuntu_linux:20.04, cpe:/o:ubuntu:ubuntu_linux:22.04Date: (C)2023-12-15   (M)2023-12-20



Description: Audit tools include, but are not limited to, vendor-provided and open source audit tools needed to successfully view and manipulate audit information system activity and records. Audit tools include custom queries and report generators. Rationale: Protecting audit information includes identifying and protecting the tools used to view and manipulate log data. Protecting audit tools is necessary to prevent unauthorized operation on audit informationRemediation: Run the following command to set permissions on audit configuration files: # chown root:root /sbin/auditctl /sbin/aureport /sbin/ausearch /sbin/autrace /sbin/auditd /sbin/augenrules


Parameter:

[root]


Technical Mechanism:

Run the following command to set user ownership on audit tools: chown root /sbin/auditctl /sbin/aureport /sbin/ausearch /sbin/autrace /sbin/auditd /sbin/augenrules

CCSS Severity:CCSS Metrics:
CCSS Score : 6.6Attack Vector: LOCAL
Exploit Score: 1.8Attack Complexity: LOW
Impact Score: 4.7Privileges Required: LOW
Severity: MEDIUMUser Interaction: NONE
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:LScope: UNCHANGED
 Confidentiality: HIGH
 Integrity: LOW
 Availability: LOW
  

References:
Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:95957
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:95870
OVAL    2
oval:org.secpod.oval:def:95957
oval:org.secpod.oval:def:95870
XCCDF    2
xccdf_org.secpod_benchmark_general_Ubuntu_22.04
xccdf_org.secpod_benchmark_general_Ubuntu_20.04

© SecPod Technologies