An error occurred:

Check: GEN002640

VMware ESX 3 Server: GEN002640 (in version v1 r2)

Title

Default system accounts must be disabled or removed. (Cat II impact)

Discussion

Vendor accounts and software may contain backdoors allowing unauthorized access to the system. These backdoors are common knowledge and present a threat to system security if the account is not disabled.

Check Content

Determine if default system accounts (such as those for sys, bin, uucp, nuucp, daemon, smtp, gdm, lp, nobody) have been disabled. # cat /etc/shadow If an account's password field is "*", "*LK*", or is prefixed with a "!", the account is locked or disabled. If there is any default system accounts not locked, this is a finding.

Fix Text

Lock the default system account(s). # passwd -l <user>

Additional Identifiers

Rule ID: SV-810r2_rule

Vulnerability ID: V-27263

Group Title: GEN002640

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-001463

The information system provides the capability to remotely view/hear all content related to an established user session in real time.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
No controls are assigned to this check