| VID |
14076 |
| Severity |
30 |
| Port |
22 |
| Protocol |
TCP |
| Class |
LSC |
| Detailed Description |
The host system's UMASK setting is unsafe. umask is a command that determines the settings of a mask that controls which file permissions are set for files and directories when they are created. if file has rwxr-xr-x permission chmod can express it in 755 and umask express it in 022. If the value of UMASK is set unsafely, the access security is vulnerable when directory or file is created.
* Platforms Affected:
UNIX, Linux |
| Recommendation |
Set the value of UMASK to 022 in /etc/profile
*in case of some Solaris
Open /etc/default/login and then add the following line
UMASK=022 |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
