| VID |
14083 |
| Severity |
30 |
| Port |
22 |
| Protocol |
TCP |
| Class |
LSC |
| Detailed Description |
server.xml which is the configuration file of WebSphere Application Server is not safe for secuirty reasons.
server.xml is the configuration file which has the information related to the server (process definition, security,...). If there is permission to write to the file, Serious problems can occur for secuirty reason. Therefore, Restriction is necessary for non-administrative users to write.
* Platforms Affected:
UNIX, Linux |
| Recommendation |
Remove other user's write permissions from the file as the following
chmod o-w (if the group has write permission: g-w) ./server.xml
ex) chmod o-w {was_profile_root}/<AppSrv_name>/config/cells/<Cell_name>/nodes/<hostname>Node01/servers/<AppServer Name>/server.xml
ex) chmod g-w {was_profile_root}/<AppSrv_name>/config/cells/<Cell_name>/nodes/<hostname>Node01/servers/<AppServer Name>/server.xml |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
