Korean
<< Back
VID 14147
Severity 30
Port 22
Protocol TCP
Class LSC
Detailed Description The host system's /var/adm/sulog file's permission or owner is unsafe. /var/adm/sulog is a log file that get administrator privileges through the su command.
If this file is exposed, serious security problems can occur. So normal users need to be prohibited from accessing this file.

* Platforms Affected:
UNIX, Linux
Recommendation Reset permissions of the file lower than 600 as the following
chmod 600 /var/adm/sulog

if the owner of the file is not root, change the owner
chown root /var/adm/sulog
Related URL (CVE)
Related URL (SecurityFocus)
Related URL (ISS)