CCE-95785-2Platform: cpe:/o:ubuntu:ubuntu_linux:20.04 | Date: (C)2024-02-12 (M)2024-02-12 |
Linux has a special directory for storing logs called /var/log. This directory contains logs from the OS itself, services, and various applications running on the system. Only authorized personnel should be aware of logs and the details of the logs. It is critical to ensure that the /var/log directory is protected from unauthorized access. Although it is protected by default, the file permissions could be changed either inadvertently or through malicious actions.
Fixtext:
Configure the Ubuntu operating system to have syslog group-own the "/var/log" directory by running the following command:
$ sudo chgrp syslog /var/log
Parameter:
[group, root, Perm 755]
Technical Mechanism:
Configure the Ubuntu operating system to have permissions of "0755" for the "/var/log" directory by running the following command:
$ sudo chmod 0755 /var/log
CCSS Severity: | CCSS Metrics: |
CCSS Score : 7.8 | Attack Vector: LOCAL |
Exploit Score: 1.8 | Attack Complexity: LOW |
Impact Score: 5.9 | Privileges Required: LOW |
Severity: HIGH | User Interaction: NONE |
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | Scope: UNCHANGED |
| Confidentiality: HIGH |
| Integrity: HIGH |
| Availability: HIGH |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:97838 |