Check: EMG3-115 Exch2K3
Microsoft Exchange Server 2003: EMG3-115 Exch2K3 (in version v1 r5)
Title
E-mail application installation is sharing a partition with another application. (Cat II impact)
Discussion
In the same way that added security layers can provide a cumulative positive effect on security posture, multiple applications can provide a cumulative negative effect. A vulnerability in one application, and its subsequent exploitation, can lead to the exploitation of other applications sharing the same security context. For example, an exploit of a web server process that leads to unauthorized administrative access to the host system can most likely lead to a compromise of all applications hosted by the same system. E-mail services should be installed to a discrete set of directories, on a partition that does not host other applications. E-mail services should never be installed on a Domain Controller / Directory Services server.
Check Content
Interview the E-mail Administrator.
Procedure: Start >> Programs >> All Programs. Review all the programs listed to ensure that no E-mail servers, office programs, database programs, etc., are installed. If they are, ask the E-mail Administrator about their function and purpose.
Criteria: If E-mail services reside on dedicated directories or partitions and do not co-host other applications (without associated approval from the IAO), this is not a finding.
Fix Text
Procedure: Install E-mail services on dedicated partitions. E-mail services software must not share a directory or partition with other software or the host operating system.
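The criteria above can also be evaluated against a software inventory gathered during the interview. The following is an added example, not part of the STIG: the function names, sample paths and inventory are constructed, and it assumes one drive letter (or UNC share) per partition, so volumes mounted into folders are not resolved.

```python
from pathlib import PureWindowsPath

def volume(path):
    """Drive letter or UNC share of a Windows path, lower-cased ('d:')."""
    drive = PureWindowsPath(path).drive.lower()
    if not drive:
        raise ValueError(f"no drive or share in path: {path!r}")
    return drive

def is_within(child, parent):
    """True if child is parent or lies below it (Windows paths compare case-insensitively)."""
    c, p = PureWindowsPath(child), PureWindowsPath(parent)
    return c == p or p in c.parents

def co_hosting_findings(mail_dir, os_dir, inventory, iao_approved=()):
    """Return (name, reason) for everything sharing the mail server's directory or partition.

    inventory lists the *other* installed software as (name, install_dir) pairs;
    iao_approved holds names the IAO has approved for co-hosting.
    """
    approved = {name.lower() for name in iao_approved}
    findings = []
    # The Fix Text also rules out sharing a partition with the host operating system.
    if volume(os_dir) == volume(mail_dir):
        findings.append(("host operating system", "same partition"))
    for name, install_dir in inventory:
        if name.lower() in approved:
            continue
        if is_within(install_dir, mail_dir) or is_within(mail_dir, install_dir):
            findings.append((name, "same directory tree"))
        elif volume(install_dir) == volume(mail_dir):
            findings.append((name, "same partition"))
    return findings

# Constructed sample inventory (not taken from a real system).
SAMPLE_INVENTORY = [
    ("SQL Server", r"D:\Program Files\Microsoft SQL Server"),
    ("Backup Agent", r"d:\Exchsrvr\bin\agent"),
    ("Antivirus", r"C:\Program Files\AV"),
    ("Monitoring Agent", r"D:\Monitor"),
]

if __name__ == "__main__":
    for name, reason in co_hosting_findings(
            r"D:\Exchsrvr", r"C:\WINDOWS", SAMPLE_INVENTORY, ("Monitoring Agent",)):
        print(f"FINDING: {name} ({reason})")
```

An empty result corresponds to "not a finding"; any entry returned needs either relocation or documented IAO approval.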
Additional Identifiers
Rule ID: SV-20405r1_rule
Vulnerability ID: V-18731
Group Title:
CCIs
Number | Definition |
---|---|
No CCIs are assigned to this check |
Controls
Number | Title |
---|---|
No controls are assigned to this check |