VAMI must remove all mappings to unused scripts.

An XCCDF Rule

Description

<VulnDiscussion>Scripts allow server-side processing on behalf of the hosted application user or as processes needed in the implementation of hosted applications. Removing scripts not needed for application operation or deemed vulnerable helps to secure the web server. To ensure scripts are not added to the web server and run maliciously, script mappings that are not needed or used by the web server for hosted application operation must be removed.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-256657r888493_rule
Severity: Medium
References: CCI-000381
Updated: 8 months ago

Navigate to and open:

/opt/vmware/etc/lighttpd/lighttpd.conf

Configure the "cgi.assign" section to the following:
cgi.assign                 = ( ".py"  => "/usr/bin/python",
                               ".cgi" =>"/usr/bin/python" )

Restart the service with the following command:

# vmon-cli --restart applmgmt

VAMI must remove all mappings to unused scripts.

Description

Remediation - Manual Procedure