[Forgot Password]
Login  Register Subscribe

24437

 
 

132035

 
 

118989

 
 

909

 
 

93902

 
 

143

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-91257-6

Platform: ubuntu14.04Date: (C)2017-03-14   (M)2019-02-28



Verify Permissions on /etc/shadow (Scored) The /etc/shadow file is used to store the information about user accounts that is critical to the security of those accounts, such as the hashed password and other security information.


Parameter:


Technical Mechanism: If attackers can gain read access to the /etc/shadow file, they can easily run a password cracking program against the hashed password to break it. Other security information that is stored in the /etc/shadow file (such as expiration) could also be useful to subvert the user accounts. Fix: If the permissions of the /etc/shadow file are incorrect, run the following commands to correct them: # /bin/chmod o-rwx,g-rw /etc/shadow

References:

Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:33953


OVAL    1
oval:org.secpod.oval:def:33953
XCCDF    2
xccdf_org.secpod_benchmark_general_Ubuntu_14_04
xccdf_org.secpod_benchmark_SecPod_Ubuntu_14_04

© SecPod Technologies