SLES-12-010111 - The SUSE operating system must restrict privilege elevation to authorized personnel.

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

The sudo command allows a user to execute programs with elevated (administrator) privileges. It prompts the user for their password and confirms your request to execute a command by checking a file, called sudoers. If the 'sudoers' file is not configured correctly, any user defined on the system can initiate privileged actions on the target system.

Solution

Remove the following entries from the sudoers file:
ALL ALL=(ALL) ALL
ALL ALL=(ALL:ALL) ALL

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_SLES_12_V2R13_STIG.zip

Item Details

References: CAT|II, CCI|CCI-000366, Rule-ID|SV-237603r646772_rule, STIG-ID|SLES-12-010111, Vuln-ID|V-237603

Plugin: Unix

Control ID: f9999f038f23aca5f881cd69e812fbbc928299c42bab6138a7909444e72568ab