| VID |
14128 |
| Severity |
30 |
| Port |
22 |
| Protocol |
TCP |
| Class |
LSC |
| Detailed Description |
The host system's /usr/bin/last file's permission or owner is unsafe. /usr/bin/last is a command that shows the user's login history and reboot history.
If this file is exposed, serious security problems can occur. So normal users need to be prohibited from accessing this file.
* Platforms Affected:
UNIX, Linux |
| Recommendation |
Reset permissions of the file lower than 700 as the following
chmod 700 /usr/bin/last
if the owner of the file is not root or bin or sys, change the owner
chown root /usr/bin/last |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
