STIGQter: STIG Summary: VMware ESX 3 Server Version: 1 Release: 2 Benchmark Date: 22 Jul 2016: The /etc/hosts file must not have an extended ACL.

DISA Rule

SV-25973r1_rule

Vulnerability Number

V-22326

Group Title

GEN001369

Rule Version

GEN001369

Severity

CAT II

CCI(s)

• CCI-000225 - The organization employs the concept of least privilege, allowing only authorized accesses for users (and processes acting on behalf of users) which are necessary to accomplish assigned tasks in accordance with organizational missions and business functions.

Weight

10

Fix Recommendation

Remove the extended ACL from the /etc/hosts file.

Check Contents

Verify /etc/hosts has no extended ACL.
# ls -lL /etc/hosts
If the permissions include a "+", the file has an extended ACL and this is a finding.

Vulnerability Number

V-22326

Documentable

False

Rule Version

GEN001369

Severity Override Guidance

Verify /etc/hosts has no extended ACL.
# ls -lL /etc/hosts
If the permissions include a "+", the file has an extended ACL and this is a finding.

Check Content Reference

M

Responsibility

System Administrator

Target Key

1386

Comments