STIGQter STIGQter: STIG Summary: Oracle Linux 5 Security Technical Implementation Guide Version: 1 Release: 13 Benchmark Date: 26 Oct 2018: The /etc/gshadow file must not contain any group password hashes.

DISA Rule

SV-62767r1_rule

Vulnerability Number

V-22349

Group Title

GEN000000-LNX001476

Rule Version

GEN000000-LNX001476

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Edit /etc/gshadow and change the password field to an exclamation point (!) to lock the group password.

Check Contents

Check the /etc/gshadow file for password hashes.
# cut -d : -f 2 /etc/gshadow | egrep -v '^(x|!!)$'
If any password hashes are returned, this is a finding.

Vulnerability Number

V-22349

Documentable

False

Rule Version

GEN000000-LNX001476

Severity Override Guidance

Check the /etc/gshadow file for password hashes.
# cut -d : -f 2 /etc/gshadow | egrep -v '^(x|!!)$'
If any password hashes are returned, this is a finding.

Check Content Reference

M

Responsibility

System Administrator

Target Key

2207

Comments