An error occurred:

Check: GEN008710

VMware ESX 3 Server: GEN008710 (in version v1 r2)

Title

The system boot loader must protect passwords using an MD5 or stronger cryptographic hash. (Cat II impact)

Discussion

If system boot loader passwords are compromised, users with console access to the system may be able to alter the system boot configuration or boot the system into single user or maintenance mode, which could result in Denial-of-Service or unauthorized privileged access to the system.

Check Content

Consult vendor documentation for procedures concerning the system's boot loader. If the boot loader passwords are not protected using an MD5 hash or stronger, this is a finding.

Fix Text

Consult vendor documentation for procedures concerning the system's boot loader. Configure the boot loader to hash boot loader passwords using MD5 or a stronger hash.

Additional Identifiers

Rule ID: SV-30313r1_rule

Vulnerability ID: V-24624

Group Title: GEN008710

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-000213

The information system enforces approved authorizations for logical access to information and system resources in accordance with applicable access control policies.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
AC-3

Access Enforcement