Samba packages must be removed from AIX. (Cat II impact)
If the smbpasswd file has a mode more permissive than 0600, the smbpasswd file may be maliciously accessed or modified, potentially resulting in the compromise of Samba accounts.
Run the following command to check if samba packages are installed on AIX: # lslpp -l samba* If the above command shows that samba packages are installed, this is a finding.
Run the following command to un-install the samba packages: # installp -ug samba*
Rule ID: SV-215280r508663_rule
Vulnerability ID: V-215280
Group Title: SRG-OS-000480-GPOS-00227
The organization implements the security configuration settings.