CCE-99440-0Platform: cpe:/o:debian:debian_linux:11.x | Date: (C)2023-02-09 (M)2023-07-14 |
Description: The contents of the `/etc/issue` file are displayed to users prior to login for local terminals.Unix-based systems have typically displayed information about the OS release and patch level upon logging in to the system. This information can be useful to developers who are developing software for a particular OS platform. If `mingetty(8)` supports the following options, they display operating system information: `\\m` - machine architecture `\\r` - operating system release `\\s` - operating system name `v` - operating system version - or the operating system's name Rationale: Warning messages inform users who are attempting to login to the system of their legal status regarding the system and must include the name of the organization that owns the system and any monitoring policies that are in place. Displaying OS and patch level information in login banners also has the side effect of providing detailed system information to attackers attempting to target specific exploits of a system. Authorized users can easily get this information by running the " `uname -a` " command once they have logged in. Audit: Run the following command and verify that the contents match site policy:# cat /etc/issueRun the following command and verify no results are returned:# grep -E -i "(\\v|\\r|\\m|\\s|$(grep '^ID=' /etc/os-release | cut -d= -f2 | sed -e 's/"//g'))" /etc/issue Remediation: Edit the `/etc/issue` file with the appropriate contents according to your site policy, remove any instances of `\\m` , `\\r` , `\\s` , `\\v` or references to the `OS platform`# echo "Authorized uses only. All activity may be monitored and reported." > /etc/issue.
Parameter:
[usgcb_default/dod_default/dod_short]
Technical Mechanism:
An appropriate warning message reinforces policy awareness during the logon
process and facilitates possible legal action against attackers.
CCSS Severity: | CCSS Metrics: |
CCSS Score : 5.3 | Attack Vector: NETWORK |
Exploit Score: 3.9 | Attack Complexity: LOW |
Impact Score: 1.4 | Privileges Required: NONE |
Severity: MEDIUM | User Interaction: NONE |
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | Scope: UNCHANGED |
| Confidentiality: LOW |
| Integrity: NONE |
| Availability: NONE |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:87269 |