The ISEC7 SPHERE must remove any unnecessary users or groups that have permissions to the server.xml file in Apache Tomcat.
An XCCDF Rule
Description
<VulnDiscussion>Tomcat uses a port (defaults to 8005) as a shutdown port. Someone could Telnet to the machine using this port and send the default command SHUTDOWN. Tomcat and all web apps would shut down in that case, which is a denial-of-service attack and would cause an unwanted service interruption.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID: SV-224790r1013879_rule
- Severity: Medium
- References
- Updated
Remediation - Manual Procedure
Log in to the ISEC7 SPHERE server.
Browse to ProgramFiles\Isec7 SPHERE\Tomcat\Conf and select Server.xml.
Right-click and select "Properties".
Select the Security tab and remove any unnecessary accounts or groups that have been granted permissions to the Server.xml file.
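The same check can be run non-interactively, which is useful for auditing many servers or re-checking after a change. The script below is an added example, not part of the STIG or of ISEC7's documentation: it lists every access control entry on Server.xml whose principal is not on an allow-list and, with -Remediate, removes those entries. The default path, the allow-list contents, and the need to keep the account the Tomcat service runs under on that list are assumptions to adjust for the local install.

```powershell
# Added example (not STIG or ISEC7 code): audit, and optionally clean up, the
# ACL on Tomcat's Server.xml. Path and allow-list below are assumptions.
param(
    # Assumed default install location; adjust to the local path.
    [string]$Path = 'C:\Program Files\Isec7 SPHERE\Tomcat\Conf\Server.xml',
    # Assumed set of principals that legitimately need access. Add the service
    # account Tomcat runs under; removing it would break Tomcat itself.
    [string[]]$Allowed = @('NT AUTHORITY\SYSTEM', 'BUILTIN\Administrators'),
    # Only report by default; pass -Remediate to actually remove entries.
    [switch]$Remediate
)

$acl = Get-Acl -Path $Path
$unexpected = @()
$report = @()

foreach ($ace in $acl.Access) {
    $identity = $ace.IdentityReference.Value
    if ($Allowed -notcontains $identity) {
        $unexpected += $ace
        $report += [pscustomobject]@{
            Identity  = $identity
            Rights    = $ace.FileSystemRights
            Type      = $ace.AccessControlType
            Inherited = $ace.IsInherited
        }
    }
}

if ($report.Count -eq 0) {
    Write-Output "OK: only allow-listed principals have access to $Path"
    exit 0
}

Write-Output "FINDING: unexpected access control entries on $Path"
$report | Format-Table -AutoSize

if ($Remediate) {
    # Inherited entries cannot be removed one by one. Break inheritance while
    # copying the inherited entries as explicit ones, then remove the unwanted
    # entries from that explicit set and write the ACL back.
    $acl.SetAccessRuleProtection($true, $true)
    foreach ($ace in $unexpected) {
        [void]$acl.RemoveAccessRule($ace)
    }
    Set-Acl -Path $Path -AclObject $acl
    Write-Output "Removed $($unexpected.Count) entries; re-run without -Remediate to verify."
}
exit 1
```

Run it first without -Remediate and confirm the reported principals really are unnecessary, since the Tomcat service account and any backup or monitoring accounts that read the file must stay on the allow-list.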