OL6-00-000261 - The Automatic Bug Reporting Tool (abrtd) service must not be running - PROCESS_CHECK

Information

Mishandling crash data could expose sensitive information about vulnerabilities in software executing on the local machine, as well as sensitive information from within a process's address space or registers.

Solution

The Automatic Bug Reporting Tool ('abrtd') daemon collects and reports crash data when an application crash is detected. Using a variety of plugins, abrtd can email crash reports to system administrators, log crash reports to files, or forward crash reports to a centralized issue-tracking system such as the operating system vendor's centralized issue-tracking system. The 'abrtd' service can be disabled with the following commands:

# chkconfig abrtd off
# service abrtd stop

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Oracle_Linux_6_V2R7_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-7b., CAT|III, CCI|CCI-000382, Rule-ID|SV-208937r793723_rule, STIG-ID|OL6-00-000261, STIG-Legacy|SV-65037, STIG-Legacy|V-50831, Vuln-ID|V-208937

Plugin: Unix

Control ID: 864c77c5b867e73dc695980e10717a07e8e706ccf36224a4649051dea478f9d7