An error occurred:

Check: GEN005140

Solaris 10 X86 STIG: GEN005140 (in versions v2 r4 through v1 r17)

Title

Any active TFTP daemon must be authorized and approved in the system accreditation package. (Cat I impact)

Discussion

TFTP is a file transfer protocol often used by embedded systems to obtain configuration data or software. The service is unencrypted and does not require authentication of requests. Data available using this service may be subject to unauthorized access or interception.

Check Content

Determine if the TFTP daemon is active. # svcs svc:/network/tftp/* If TFTP is found enabled, it is a finding if it is not documented using site-defined procedures.

Fix Text

Disable the TFTP daemon. # svcadm disable svc:/network/tftp/* # svcadm refresh inetd If TFTP is found enabled, it is a finding if it is not documented.

Additional Identifiers

Rule ID: SV-227867r603266_rule

Vulnerability ID: V-227867

Group Title: SRG-OS-000480

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-000366

The organization implements the security configuration settings.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
CM-6

Configuration Settings