| VID |
14053 |
| Severity |
40 |
| Port |
22 |
| Protocol |
TCP |
| Class |
LSC |
| Detailed Description |
The host system's /etc/passwd file's permission or owner is unsafe. /etc/passwd is very an important file that contains user id, password(displayed as 'x'), UID, GID, HOME directory, shell information. If this file is exposed serious security problems can occur. so normal users need to be prohibited from accessing this file.
* Platforms Affected:
UNIX, Linux |
| Recommendation |
Reset permissions of the file lower than 644 as the following
chmod 644 /etc/passwd
if the owner of the file is not root, change the owner
chown root /etc/passwd |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
