Title

Management Information Base (MIB) files must not have extended ACLs. (Cat II impact)

Discussion

The ability to read the MIB file could impart special knowledge to an intruder or malicious user about the ability to extract compromising information about the system or network.

Check Content

Check the modes for all Management Information Base (MIB) files on the system. # find /etc/sma/snmp/ /etc/snmp/conf/ /var/sma_snmp/ /usr/sfw/lib/sma_snmp/ -type f | grep -i mib | egrep -v '\.conf$' | xargs ls -lL If the permissions include a "+", the file has an extended ACL, this is a finding.

Fix Text

Remove the extended ACL from the file. # chmod A- [mib file]

Additional Identifiers

Rule ID: SV-227880r603266_rule

Vulnerability ID: V-227880

Group Title: SRG-OS-000480

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.