RHEL-06-000261 - The Automatic Bug Reporting Tool (abrtd) service must not be running - 'PROCESS_CHECK'.

Information

Mishandling crash data could expose sensitive information about vulnerabilities in software executing on the local machine, as well as sensitive information from within a process's address space or registers.

Solution

The Automatic Bug Reporting Tool ('abrtd') daemon collects and reports crash data when an application crash is detected. Using a variety of plugins, abrtd can email crash reports to system administrators, log crash reports to files, or forward crash reports to a centralized issue tracking system such as RHTSupport. The 'abrtd' service can be disabled with the following commands:

# chkconfig abrtd off
# service abrtd stop

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_RHEL_6_V2R2_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-7b., CAT|III, CCI|CCI-000382, Rule-ID|SV-218015r603264_rule, STIG-ID|RHEL-06-000261, STIG-Legacy|SV-50441, STIG-Legacy|V-38640, Vuln-ID|V-218015

Plugin: Unix

Control ID: 8f3810d50cb52e79ec4de59708b8ea7112420b5240bf21102ccda5eadb5a080d