| VID |
14143 |
| Severity |
30 |
| Port |
22 |
| Protocol |
TCP |
| Class |
LSC |
| Detailed Description |
The host system's /etc/security/login.cfg file's settings are unsafe. /etc/security/login.cfg is a file that can be set to defend against password brute force attacks.
If the value of this file is vulnerable, the system can be vulnerable to password brute force attacks.
* Platforms Affected:
UNIX, Linux |
| Recommendation |
Reset settings of the file as the following
Set logindisable to a value greater than or equal to 10
Set logininterval to a value greater than or equal to 60
Set loginreenable to a value greater than or equal to 30 |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
