Malicious users with removable boot media can gain access to a system configured to use removable media as the boot loader. The system must not use removable media as the boot loader. If the system's boot loader does not require authentication, users with console access to the system may be able to alter the system boot configuration or boot the system into single user or. The system boot loader must require authentication. Specific exceptions for local service administration should be documented in. If a web browser flaw is exploited while running as a privileged user, the entire system could be compromised. If an anonymous FTP account has been configured to use a functional shell, attackers could gain access to the shell if the account is compromised.Īdministrative accounts must not run a web browser, except as needed for local service administration. This is.Īnonymous FTP accounts must not have a functional shell.
If a user accesses the root account (or any account) using an unencrypted connection, the password is passed over the network in clear text form and is subject to interception and misuse. Root passwords must never be passed over a network in clear text form. Findings (MAC III - Administrative Sensitive) Finding ID
0 kommentar(er)
