STIGQter: STIG Summary: IBM AIX 7.x Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 23 Apr 2021:

AIX must allow admins to send a message to all the users who logged in currently.

DISA Rule

SV-215400r508663_rule

Vulnerability Number

V-215400

Group Title

SRG-OS-000312-GPOS-00122

Rule Version

AIX7-00-003098

Severity

CAT II

CCI(s)

• CCI-002164 - The organization specifies in the discretionary access control policies that a subject that has been granted access to information can do one or more of the following: pass the information to any other subjects or objects; grant its privileges to other subjects; change security attributes on subjects, objects, the information system, or the information system^s components; choose the security attributes to be associated with newly created or revised objects; and/or change the rules governing access control.
• CCI-002165 - The information system enforces organization-defined discretionary access control policies over defined subjects and objects.

Weight

10

Fix Recommendation

Install the "bos.rte.misc_cmds" package from AIX DVD Volume 1 using the following command (assuming that the DVD device is /dev/cd0):
# installp -aXYgd /dev/cd0 -e /tmp/install.log bos.rte.misc_cmds

Check Contents

Run following command to see if wall command is installed:
# ls -al /usr/sbin/wall

If "/usr/sbin/wall" does not exist, this is a finding.

Vulnerability Number

V-215400

Documentable

False

Rule Version

AIX7-00-003098

Severity Override Guidance

Run following command to see if wall command is installed:
# ls -al /usr/sbin/wall

If "/usr/sbin/wall" does not exist, this is a finding.

Check Content Reference

M

Target Key

4012

Comments