STIGQter: STIG Summary: Red Hat Enterprise Linux 7 Security Technical Implementation Guide Version: 3 Release: 3 Benchmark Date: 23 Apr 2021:

The Red Hat Enterprise Linux operating system must not have the Trivial File Transfer Protocol (TFTP) server package installed if not required for operational support.

DISA Rule

SV-204621r603261_rule

Vulnerability Number

V-204621

Group Title

SRG-OS-000480-GPOS-00227

Rule Version

RHEL-07-040700

Severity

CAT I

CCI(s)

• CCI-000368 - The organization documents any deviations from the established configuration settings for organization-defined information system components based on organization-defined operational requirements.
• CCI-001813 - The information system enforces access restrictions.
• CCI-001814 - The Information system supports auditing of the enforcement actions.
• CCI-001812 - The information system prohibits user installation of software without explicit privileged status.
• CCI-000318 - The organization audits and reviews activities associated with configuration-controlled changes to the system.

Weight

10

Fix Recommendation

Remove the TFTP package from the system with the following command:

# yum remove tftp-server

Check Contents

Verify a TFTP server has not been installed on the system.

Check to see if a TFTP server has been installed with the following command:

# yum list installed tftp-server
tftp-server-0.49-9.el7.x86_64.rpm

If TFTP is installed and the requirement for TFTP is not documented with the ISSO, this is a finding.

Vulnerability Number

V-204621

Documentable

False

Rule Version

RHEL-07-040700

Severity Override Guidance

Verify a TFTP server has not been installed on the system.

Check to see if a TFTP server has been installed with the following command:

# yum list installed tftp-server
tftp-server-0.49-9.el7.x86_64.rpm

If TFTP is installed and the requirement for TFTP is not documented with the ISSO, this is a finding.

Check Content Reference

M

Target Key

2899

Comments