STIGQter: STIG Summary: Oracle Linux 5 Security Technical Implementation Guide Version: 1 Release: 13 Benchmark Date: 26 Oct 2018: User passwords must be changed at least every 60 days.

DISA Rule

SV-64083r1_rule

Vulnerability Number

V-11976

Group Title

GEN000700

Rule Version

GEN000700

Severity

CAT II

CCI(s)

CCI-000180 - The organization manages information system authenticators by establishing maximum lifetime restrictions for authenticators.

Weight

Fix Recommendation

Set the max days field to 60 for all user accounts.
# passwd -x 60 <user>

Check Contents

Check the max days field (the 5th field) of /etc/shadow.
# more /etc/shadow
If the max days field is equal to 0 or greater than 60 for any user, this is a finding.

Vulnerability Number

V-11976

Documentable

False

Rule Version

GEN000700

Severity Override Guidance

Check the max days field (the 5th field) of /etc/shadow.
# more /etc/shadow
If the max days field is equal to 0 or greater than 60 for any user, this is a finding.

STIGQter: STIG Summary: Oracle Linux 5 Security Technical Implementation Guide Version: 1 Release: 13 Benchmark Date: 26 Oct 2018: User passwords must be changed at least every 60 days.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Responsibility

Target Key

Comments