CCE-95786-0Platform: cpe:/o:ubuntu:ubuntu_linux:20.04 | Date: (C)2024-02-12 (M)2024-02-12 |
The /var/log/syslog file on Linux systems contains system messages logged by various services and the kernel. Only authorized personnel should be aware of logs and the details of the logs. It is critical to ensure that the /var/log/syslog directory is protected from unauthorized access. Although it is protected by default, the file permissions could be changed either inadvertently or through malicious actions.
Fixtext:
Configure the Ubuntu operating system to have adm group-own the "/var/log/syslog" file by running the following command:
$ sudo chgrp adm /var/log/syslog.
Parameter:
[Group, owner, Perm 640]
Technical Mechanism:
Configure the Ubuntu operating system to have permissions of 0640 for the "/var/log/syslog" file by running the following command: $ sudo chmod 0640 /var/log/syslog
CCSS Severity: | CCSS Metrics: |
CCSS Score : 7.8 | Attack Vector: LOCAL |
Exploit Score: 1.8 | Attack Complexity: LOW |
Impact Score: 5.9 | Privileges Required: LOW |
Severity: HIGH | User Interaction: NONE |
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | Scope: UNCHANGED |
| Confidentiality: HIGH |
| Integrity: HIGH |
| Availability: HIGH |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:97839 |