CCE-95065-9 | Platform: cpe:/o:ubuntu:ubuntu_linux:20.04, cpe:/o:ubuntu:ubuntu_linux:22.04, cpe:/o:ubuntu:ubuntu_linux:23.04 | Date: (C)2020-10-15 (M)2023-09-01 |
The /etc/shadow file contains the one-way cipher text passwords for each user defined in the /etc/passwd file. The command below sets the user and group ownership of the file to root.
The UID (User Identifier) is a number assigned by Linux to each user on the system. This number is used to identify the user to the system and to determine which system resources the user can access. UIDs are stored in the /etc/passwd file.
Rationale:
If attackers can gain read access to the /etc/shadow file, they can easily run a password cracking program against the hashed password to break it. Other security information that is stored in the /etc/shadow file (such as expiration) could also be useful to subvert the user accounts.
Fix:
If the ownership of the /etc/shadow file is incorrect, run the following command to correct it:
# /bin/chown root:shadow /etc/shadow
Parameter:
[UID of ROOT, GID of shadow]
Technical Mechanism:
If the ownership of the /etc/shadow file is incorrect, run the following command to correct it:
# /bin/chown root:shadow /etc/shadow
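To confirm the current state before or after running the fix, the owner and group can be read with stat and compared against the expected pair. This is an added example, not part of the original CCE entry; the function names `audit_ownership` and `audit_shadow` are hypothetical, and GNU coreutils `stat` (as shipped on Ubuntu) is assumed.

```shell
#!/bin/sh
# Added example: audit a file's owner and group against an expected pair.
# Assumes GNU coreutils stat, which supports -c with %U (owner) and %G (group).

# audit_ownership FILE OWNER GROUP
# Prints a one-line finding and returns:
#   0  owner and group match
#   1  owner or group differs (the corrective chown is printed, not run)
#   2  FILE is missing or cannot be read by stat
audit_ownership() {
    file=$1 want_owner=$2 want_group=$3
    if [ ! -e "$file" ]; then
        echo "ERROR $file: not found"
        return 2
    fi
    actual=$(stat -c '%U:%G' -- "$file") || {
        echo "ERROR $file: stat failed"
        return 2
    }
    if [ "$actual" = "$want_owner:$want_group" ]; then
        echo "PASS $file: $actual"
        return 0
    fi
    echo "FAIL $file: is $actual, expected $want_owner:$want_group"
    echo "  fix: /bin/chown $want_owner:$want_group $file"
    return 1
}

# The check for this entry: /etc/shadow owned by root, group shadow.
audit_shadow() {
    audit_ownership /etc/shadow root shadow
}

# Run the check only when invoked as: sh thisfile --run
if [ "${1:-}" = "--run" ]; then
    audit_shadow
fi
```

The function only reports; the chown from the Fix section still has to be run as root when the result is FAIL.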
CCSS Severity | CCSS Metrics |
---|---|
CCSS Score: 8.4 | Attack Vector: LOCAL |
Exploit Score: 2.5 | Attack Complexity: LOW |
Impact Score: 5.9 | Privileges Required: NONE |
Severity: HIGH | User Interaction: NONE |
Vector: AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | Scope: UNCHANGED |
 | Confidentiality: HIGH |
 | Integrity: HIGH |
 | Availability: HIGH |
References:
Resource Id | Reference |
---|---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:85141 |
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:92242 |
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:65964 |