STIGQter STIGQter: STIG Summary: Solaris 10 X86 Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 22 Jan 2021:

Any active TFTP daemon must be authorized and approved in the system accreditation package.

DISA Rule

SV-227867r603266_rule

Vulnerability Number

V-227867

Group Title

SRG-OS-000480

Rule Version

GEN005140

Severity

CAT I

CCI(s)

Weight

10

Fix Recommendation

Disable the TFTP daemon.
# svcadm disable svc:/network/tftp/*
# svcadm refresh inetd
If TFTP is found enabled, it is a finding if it is not documented.

Check Contents

Determine if the TFTP daemon is active.
# svcs svc:/network/tftp/*
If TFTP is found enabled, it is a finding if it is not documented using site-defined procedures.

Vulnerability Number

V-227867

Documentable

False

Rule Version

GEN005140

Severity Override Guidance

Determine if the TFTP daemon is active.
# svcs svc:/network/tftp/*
If TFTP is found enabled, it is a finding if it is not documented using site-defined procedures.

Check Content Reference

M

Target Key

4061

Comments