VID | 14109 |
Severity | 30 |
Port | 22 |
Protocol | TCP |
Class | LSC |
Detailed Description |
The ftp account, which is created by default when the FTP service is installed and does not require a login, should not be usable for logging in to the system; prevent this by restricting the account's shell. Granting a shell to a default account that does not require a login could expose the account to an attacker, resulting in unauthorized system infiltration.
* Affected platforms: UNIX, Linux |
Recommendation |
Follow the steps below to restrict the shell of the ftp account.
1. Open the "/etc/passwd" file.
2. Change the login shell part of the ftp account to /bin/false.
(Before) ftp:x:500:100:Anonymous FTP USER:/var/ftp:/sbin/bash
(After) ftp:x:500:100:Anonymous FTP USER:/var/ftp:/bin/false |
Related URL |
(CVE) |
Related URL |
(SecurityFocus) |
Related URL |
(ISS) |
|
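The check implied by the recommendation can be scripted. The following is an added example, not part of the original advisory: the function name `ftp_shell_status` is hypothetical, and the `nologin` paths in the list of non-login shells are an assumption beyond the `/bin/false` value the advisory gives. It also flags an empty shell field, which the system treats as the default shell.

```shell
#!/bin/sh
# Added example: audit a passwd-format file for the ftp account's login shell.
# Shells treated as non-login. /bin/false is the advisory's value; the other
# paths are an assumption about common UNIX/Linux layouts.
NOLOGIN_SHELLS="/bin/false /usr/bin/false /sbin/nologin /usr/sbin/nologin"

# ftp_shell_status [FILE]   (hypothetical helper; reads stdin when FILE is omitted)
# Prints one of:  missing | restricted:<shell> | login-shell:<shell>
ftp_shell_status() {
    awk -F: -v ok="$NOLOGIN_SHELLS" '
        BEGIN { n = split(ok, a, " "); for (i = 1; i <= n; i++) safe[a[i]] = 1 }
        $1 == "ftp" {
            found = 1
            shell = $7
            # An empty seventh field means the system default shell (/bin/sh).
            if (shell == "") shell = "/bin/sh"
            # Any ftp entry with a usable shell is a finding, even if
            # another ftp entry in the same file is restricted.
            if (!(shell in safe)) bad = shell
            else if (good == "") good = shell
        }
        END {
            if (!found)         print "missing"
            else if (bad != "") print "login-shell:" bad
            else                print "restricted:" good
        }' "${1:--}"
}

# Constructed sample input: the Before and After lines from the recommendation.
before='ftp:x:500:100:Anonymous FTP USER:/var/ftp:/sbin/bash'
after='ftp:x:500:100:Anonymous FTP USER:/var/ftp:/bin/false'

printf '%s\n' "$before" | ftp_shell_status
printf '%s\n' "$after"  | ftp_shell_status
```

On a live host, run `ftp_shell_status /etc/passwd`; any result beginning with `login-shell:` means the recommendation has not been applied.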