STIGQter: STIG Summary: Solaris 10 X86 Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 22 Jan 2021:

The ASET master files must be located in the /usr/aset/masters directory.

DISA Rule

SV-220070r603266_rule

Vulnerability Number

V-220070

Group Title

SRG-OS-000016

Rule Version

GEN000000-SOL00120

Severity

CAT II

CCI(s)

• CCI-000032 - The information system enforces information flow control using organization-defined security policy filters as a basis for flow control decisions for organization-defined information flows.
• CCI-000225 - The organization employs the concept of least privilege, allowing only authorized accesses for users (and processes acting on behalf of users) which are necessary to accomplish assigned tasks in accordance with organizational missions and business functions.

Weight

10

Fix Recommendation

Install the default ASET configuration files.

Check Contents

Verify ASET is being used.

# crontab -l |grep aset

If there is an output, then check to make sure the files in question are in the /usr/aset/masters directory.

# ls -l /usr/aset/masters

The following files should be in the listing: tune.high, tune.low, tune.med, and uid_aliases. If any of the files are not in the directory listing, this is a finding.

Vulnerability Number

V-220070

Documentable

False

Rule Version

GEN000000-SOL00120

Severity Override Guidance

Verify ASET is being used.

# crontab -l |grep aset

If there is an output, then check to make sure the files in question are in the /usr/aset/masters directory.

# ls -l /usr/aset/masters

The following files should be in the listing: tune.high, tune.low, tune.med, and uid_aliases. If any of the files are not in the directory listing, this is a finding.

Check Content Reference

M

Target Key

4061

Comments