TFTP (UNIX)

Module: Network Integrity

This check examines the security of the trivial file transfer protocol (TFTP) utilities. Because TFTP users can transfer files to and from other file systems, you should carefully monitor TFTP access.

The following table lists the error messages for the check.

Table: Error messages for TFTP

Message String ID and Category

Platform and Message Numeric ID

Message Title and Description

Additional Information

String ID: STKU_SUNOS_UNSECURE_TFTP

Category: Change Notification

UNIX (6339)

Title: TFTP daemon is not running in secure mode

Description: The TFTP daemon is not running in secure mode. There are known security problems with TFTP that can be overcome by running the TFTP daemon in secure mode. To run the TFTP daemon in secure mode, add the -s option to the TFTP entry in the /etc/inetd.conf file.

Severity: red-4

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]

String ID: STKU_ULTRIX_UNSECURE_TFTP

Category: Change Notification

UNIX (6340)

Title: TFTP daemon is not running in secure mode

Description: The TFTP daemon is not running in secure mode. There are known security problems with TFTP that can be overcome by running the TFTP daemon in secure mode. To run the TFTP daemon in secure mode, add the -r option to the TFTP entry in the /etc/inetd.conf file.

Severity: red-4

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]

String ID: STKU_AIX_UNSECURE_TFTP

Category: Change Notification

UNIX (6341)

Title: TFTP daemon is not configured securely

Description: The TFTP daemon is not configured securely. To run TFTP in secure mode, the /etc/tftpaccess.ctl file must exist, be owned by root, have permissions of 644, and contain valid "allow:" and "deny:" entries. This is an immediate security problem because it allows anyone with access to your network to obtain any file with other read access. This includes the /etc/passwd file. You should either create /etc/tftpaccess.ctl with allow and deny entries or disable TFTP.

Severity: red-4

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]

String ID: STKU_TFTP_ACC_MISS

Category: Change Notification

UNIX (6342)

Title: No TFTP user account

Description: Your /etc/inetd.conf file is configured to run tftpd, but you do not have a TFTP account in /etc/passwd. You should add the TFTP user account to your passwd file. Specify a path argument with the tftpd command in your inetd.conf file to run TFTP. This will restrict client access to files that can be read or written by this user.

Severity: yellow-1

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]

String ID: STKU_TFTP_BAD_SHELL

Category: Change Notification

UNIX (6343)

Title: Shell used by TFTP user account is bad

Description: The shell used by the TFTP user account is either missing or is not the shell /bin/false. This is a security problem if a user can log in through the TFTP account. You should set the shell for the TFTP account to /bin/false.

Severity: yellow-1

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]

String ID: STKU_TFTP_BAD_DIR

Category: Change Notification

UNIX (6344)

Title: Home directory for TFTP account not set

Description: The TFTP daemon will not run because the home directory for the TFTP account is missing from the passwd file. You should change the TFTP account's home directory to a directory owned by TFTP.

Severity: green-0

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]

String ID: STKU_TFTP_NOHOME

Category: Change Notification

UNIX (6345)

Title: TFTP account does not have a home directory

Description: The TFTP daemon will not run because the TFTP account does not have a home directory. You should create a home directory that is owned by the TFTP account.

Severity: green-0

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]

String ID: STKU_TFTP_BAD_UID

Category: Change Notification

UNIX (6346)

Title: TFTP account does not own its home directory

Description: The TFTP daemon will not run because the UID of the TFTP account does not match the UID of the home directory for the TFTP account. This is a security problem if the TFTP home directory has been changed. You should carefully check the directory and ownerships and make appropriate changes.

Severity: green-0

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]

String ID: STKU_AIX_TFTPACCESS

Category: Change Notification

UNIX (6389)

Title: TFTP daemon allows/denies access on directory

Description: Following is a list of directories that are allowed and denied access by TFTP. Check the listed directories and their subdirectories to be sure they contain only files that you want to make available to anyone on your network.

Severity: green-0

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]

String ID: STKU_AIX_TFTPDENY

Category: Change Notification

UNIX (6390)

Title: TFTP daemon does not allow access on any directories

Description: The TFTP daemon will not "allow:" any TFTP user to access any of the directories on your system. The /etc/tftpaccess.ctl file does not contain an "allow:" statement. You should either add at least one "allow:" statement to the /etc/tftpaccess.ctl file to run TFTP in a reliable secure mode or disable the TFTP daemon on your system.

Severity: green-0

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]

String ID: STKU_NOTFTP

Category: Change Notification

UNIX (6392)

Title: TFTP is not configured on your system

Description: TFTP is not configured on your system. The TFTP daemon must be listed in /etc/inetd.conf or enabled in /etc/xinetd.d/tftp for TFTP to function. This message provides information but does not require any security action on your part.

Severity: green-0

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]

String ID: STKU_AIX_NO_TFTPACCESS

Category: Change Notification

UNIX (6393)

Title: TFTP is not secure; tpaccess.ctl is missing

Description: Tftpd is not running in secure mode. The /etc/tftpaccess.ctl file must exist and contain "deny:" and "allow:" entries if you want to run tftpd in secure mode. You should create this file. It must be owned by root and have permission bits set to 644.

Severity: red-4

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]

String ID: STKU_AIX_BAD_TFTPACCESS

Category: Change Notification

UNIX (6394)

Title: TFTP is not secure; tftpaccess.ctl is ineffective

Description: Tftpd is not running in secure mode. The /etc/tftpaccess.ctl file must be owned by root and have permission bits set to 644. To run TFTP in secure mode, you must change the owner and/or permissions of this file.

Severity: red-4

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]

String ID: STKU_AIX_WRONG_USER

Category: Change Notification

UNIX (6395)

Title: The tftpd server does not have the nobody user ID

Description: The tftpd server should have a user ID with the least privileges possible. The nobody ID allows the least permissions and is the default user ID. You should edit the tftp line in /etc/inetd.conf to change the user ID to nobody.

Severity: yellow-1

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]

String ID: STKU_AIX_REMOTE_CREATE

Category: Change Notification

UNIX (6396)

Title: The tftpd server allows remote users to create files

Description: The tftpd server has been started with the -n option, which allows remote users to create files on the system. You should edit the tftp line in /etc/inetd.conf and remove the -n option.

Severity: yellow-1

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]

String ID: STKU_AIX_DEFAULT_DIR

Category: Change Notification

UNIX (6397)

Title: A default TFTP destination directory has been specified

Description: The path listed has been specified as the default destination directory. This directory will be used as the home directory for incoming files only. It will be used only if a full pathname is not specified. This message provides information but does not require any security action on your part.

Severity: green-0

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]

String ID: STKU_AIX_TX_LOGGING

Category: Change Notification

UNIX (6398)

Title: TFTP transfer logging is not enabled

Description: The tftpd server was not started with the '-v' flag. This flag will cause messages to be logged when any file is successfully transferred by the tftpd daemon. Log entries keep track of who is transferring files to and from the system with the tftpd daemon. This could be useful in tracking a suspected security breach.

Severity: yellow-1

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]

String ID: STKU_AIX_ADDR_LOGGING

Category: Change Notification

UNIX (6399)

Title: The tftpd server is logging IP addresses with errors

Description: The tftpd server was started with the -i flag. The IP address of the calling machine will be logged with error messages. This message provides information but does not require any security action on your part.

Severity: green-0

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]

String ID: STKU_AIX_ADDR2HOST

Category: Change Notification

UNIX (6400)

Title: The tftpd server is converting IP addresses to host names

Description: The tftpd server was started with the '-r' flag. The TFTP daemon will attempt to convert the IP address of the calling machine to the appropriate host name before messages are logged. This flag must be used with the '-i' or '-v' flag. This message provides information but does not require any security action on your part.

Severity: green-0

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]

String ID: STKU_AIX_SOCKLVL_DEBUG

Category: Change Notification

UNIX (6401)

Title: Tftpd socket-level debugging is enabled

Description: The tftpd server was started with the '-v' flag. This flag turns on socket level debugging. This message provides information but does not require any security action on your part.

Severity: green-0

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]

String ID: STKU_HASTFTP

Category: Change Notification

UNIX (6402)

Title: TFTP is configured on your system

Description: TFTP is configured on your system. The TFTP daemon must be listed in /etc/inetd.conf or enabled in /etc/xinetd.d/tftp for TFTP to function. The TFTP daemon should be disabled because it is considered to be insecure.

Severity: yellow-1

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]

String ID: STKU_SGID_TFTPD

Category: Change Notification

UNIX (6404)

Title: TFTP daemon running as SGID

Description: The TFTP daemon is running as SGID, which poses a security risk. The TFTP daemon should be disabled because it is considered to be insecure.

Severity: yellow-1

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]

String ID: STKU_SUID_TFTPD

Category: Change Notification

UNIX (6405)

Title: TFTP daemon running as SUID

Description: The TFTP daemon is running as SUID, which poses a security risk. The TFTP daemon should be disabled because it is considered to be insecure.

Severity: yellow-1

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]
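
The following is an added example, not the product's own check logic: a small POSIX shell audit that reproduces several of the conditions described in the table (secure-mode option, AIX user and -n/-v options, and the state of tftpaccess.ctl) and labels findings with the String IDs listed above. The function names and the sample files are hypothetical; it assumes the standard inetd.conf field layout and options written as separate words.

```shell
#!/bin/sh
# Added example, not the product's code. Files are passed as arguments so the
# audit can run against copies; output labels reuse the String IDs in the table.

has_opt() {  # has_opt "ARGS" OPT -> true if OPT is one of the words in ARGS
    case " $1 " in *" $2 "*) return 0 ;; esac
    return 1
}

audit_inetd() {  # audit_inetd INETD_CONF sunos|ultrix|aix
    # First uncommented tftp line: service socket proto wait user program argv0 options...
    entry=$(awk '$1 == "tftp" { print; exit }' "$1")
    if [ -z "$entry" ]; then echo STKU_NOTFTP; return 0; fi
    echo STKU_HASTFTP
    user=$(printf '%s\n' "$entry" | awk '{ print $5 }')
    opts=$(printf '%s\n' "$entry" | awk '{ for (i = 8; i <= NF; i++) printf "%s ", $i }')
    case "$2" in
        sunos)  has_opt "$opts" -s || echo STKU_SUNOS_UNSECURE_TFTP ;;
        ultrix) has_opt "$opts" -r || echo STKU_ULTRIX_UNSECURE_TFTP ;;
        aix)
            [ "$user" = nobody ] || echo STKU_AIX_WRONG_USER
            has_opt "$opts" -n && echo STKU_AIX_REMOTE_CREATE
            has_opt "$opts" -v || echo STKU_AIX_TX_LOGGING ;;
    esac
    return 0
}

audit_access_ctl() {  # audit_access_ctl TFTPACCESS_CTL
    if [ ! -f "$1" ]; then echo STKU_AIX_NO_TFTPACCESS; return 0; fi
    # ls -ln: field 1 is the mode string, field 3 the numeric owner (0 = root).
    set -- "$1" $(ls -ln "$1" | awk '{ print substr($1, 1, 10), $3 }')
    [ "$2" = "-rw-r--r--" ] && [ "$3" = 0 ] || echo STKU_AIX_BAD_TFTPACCESS
    grep -q '^allow:' "$1" || echo STKU_AIX_TFTPDENY
    return 0
}

# Constructed sample inputs (not taken from a real host).
make_samples() {  # make_samples DIR
    printf '%s\n' '#tftp dgram udp wait root /usr/sbin/in.tftpd in.tftpd' \
        'tftp dgram udp wait root /usr/sbin/in.tftpd in.tftpd /tftpboot' > "$1/sunos.conf"
    printf '%s\n' 'tftp dgram udp6 SRC root /usr/sbin/tftpd tftpd -n' > "$1/aix.conf"
    printf '%s\n' 'deny:/etc' > "$1/tftpaccess.ctl"
    chmod 600 "$1/tftpaccess.ctl"
}

d=$(mktemp -d) && make_samples "$d"
audit_inetd "$d/sunos.conf" sunos; audit_inetd "$d/aix.conf" aix
audit_access_ctl "$d/tftpaccess.ctl"; rm -rf "$d"
```

To audit a real host, pass copies of /etc/inetd.conf and /etc/tftpaccess.ctl instead of the sample files.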