DISA_STIG_Oracle_Linux_7_v2r11.audit from DISA Oracle Linux 7 v2r11 STIG

OL07-00-010010 - The Oracle Linux operating system must be configured so that the file permissions, ownership, and group membership of system files and commands match the vendor values.

CAT|I

CCI|CCI-001494

CCI|CCI-001496

Rule-ID|SV-221652r880585_rule

STIG-ID|OL07-00-010010

STIG-Legacy|SV-108149

STIG-Legacy|V-99045

Vuln-ID|V-221652

OL07-00-010019 - The Oracle Linux operating system must ensure cryptographic verification of vendor software packages.

CAT|II

CCI|CCI-001749

Rule-ID|SV-256975r902762_rule

STIG-ID|OL07-00-010019

Vuln-ID|V-256975

OL07-00-010020 - The Oracle Linux operating system must be configured so that the cryptographic hash of system files and commands matches vendor values.

Rule-ID|SV-221653r853660_rule

STIG-ID|OL07-00-010020

STIG-Legacy|SV-108151

STIG-Legacy|V-99047

Vuln-ID|V-221653

OL07-00-010030 - The Oracle Linux operating system must display the Standard Mandatory DoD Notice and Consent Banner before granting local or remote access to the system via a graphical user logon.

CCI|CCI-000048

CCI|CCI-000050

CCI|CCI-001384

CCI|CCI-001385

CCI|CCI-001386

CCI|CCI-001387

CCI|CCI-001388

Rule-ID|SV-221654r603260_rule

STIG-ID|OL07-00-010030

STIG-Legacy|SV-108153

STIG-Legacy|V-99049

Vuln-ID|V-221654

OL07-00-010040 - The Oracle Linux operating system must display the approved Standard Mandatory DoD Notice and Consent Banner before granting local or remote access to the system via a graphical user logon.

Rule-ID|SV-221655r603260_rule

STIG-ID|OL07-00-010040

STIG-Legacy|SV-108155

STIG-Legacy|V-99051

Vuln-ID|V-221655

OL07-00-010050 - The Oracle Linux operating system must display the Standard Mandatory DoD Notice and Consent Banner before granting local or remote access to the system via a command line user logon.

Rule-ID|SV-221656r603260_rule

STIG-ID|OL07-00-010050

STIG-Legacy|SV-108157

STIG-Legacy|V-99053

Vuln-ID|V-221656

OL07-00-010060 - The Oracle Linux operating system must enable a user session lock until that user re-establishes access using established identification and authentication procedures.

CCI|CCI-000056

CCI|CCI-000058

Rule-ID|SV-221657r880600_rule

STIG-ID|OL07-00-010060

STIG-Legacy|SV-108159

STIG-Legacy|V-99055

Vuln-ID|V-221657

OL07-00-010061 - The Oracle Linux operating system must uniquely identify and must authenticate users using multifactor authentication via a graphical user logon.

CCI|CCI-001948

Rule-ID|SV-221658r853661_rule

STIG-ID|OL07-00-010061

STIG-Legacy|SV-108161

STIG-Legacy|V-99057

Vuln-ID|V-221658

OL07-00-010062 - The Oracle Linux operating system must prevent a user from overriding the screensaver lock-enabled setting for the graphical user interface.

CCI|CCI-000057

Rule-ID|SV-221659r880603_rule

STIG-ID|OL07-00-010062

STIG-Legacy|SV-108163

STIG-Legacy|V-99059

Vuln-ID|V-221659

OL07-00-010063 - The Oracle Linux operating system must disable the login screen user list for graphical user interfaces.

CCI|CCI-000366

Rule-ID|SV-256976r902765_rule

STIG-ID|OL07-00-010063

Vuln-ID|V-256976

OL07-00-010070 - The Oracle Linux operating system must initiate a screensaver after a 15-minute period of inactivity for graphical user interfaces.

Rule-ID|SV-221660r880606_rule

STIG-ID|OL07-00-010070

STIG-Legacy|SV-108165

STIG-Legacy|V-99061

Vuln-ID|V-221660

OL07-00-010081 - The Oracle Linux operating system must prevent a user from overriding the screensaver lock-delay setting for the graphical user interface.

Rule-ID|SV-221661r880609_rule

STIG-ID|OL07-00-010081

STIG-Legacy|SV-108167

STIG-Legacy|V-99063

Vuln-ID|V-221661

OL07-00-010082 - The Oracle Linux operating system must prevent a user from overriding the session idle-delay setting for the graphical user interface.

Rule-ID|SV-221662r880612_rule

STIG-ID|OL07-00-010082

STIG-Legacy|SV-108169

STIG-Legacy|V-99065

Vuln-ID|V-221662

OL07-00-010090 - The Oracle Linux operating system must have the screen package installed.

Rule-ID|SV-255900r880615_rule

STIG-ID|OL07-00-010090

Vuln-ID|V-255900

OL07-00-010100 - The Oracle Linux operating system must initiate a session lock for the screensaver after a period of inactivity for graphical user interfaces.

Rule-ID|SV-221664r880618_rule

STIG-ID|OL07-00-010100

STIG-Legacy|SV-108173

STIG-Legacy|V-99069

Vuln-ID|V-221664

OL07-00-010101 - The Oracle Linux operating system must prevent a user from overriding the screensaver idle-activation-enabled setting for the graphical user interface.

Rule-ID|SV-221665r880621_rule

STIG-ID|OL07-00-010101

STIG-Legacy|SV-108175

STIG-Legacy|V-99071

Vuln-ID|V-221665

OL07-00-010110 - The Oracle Linux operating system must initiate a session lock for graphical user interfaces when the screensaver is activated.

Rule-ID|SV-221666r880624_rule

STIG-ID|OL07-00-010110

STIG-Legacy|SV-108177

STIG-Legacy|V-99073

Vuln-ID|V-221666

OL07-00-010118 - The Oracle Linux operating system must be configured so that /etc/pam.d/passwd implements /etc/pam.d/system-auth when changing passwords.

CCI|CCI-000192

Rule-ID|SV-221667r603260_rule

STIG-ID|OL07-00-010118

STIG-Legacy|SV-108179

STIG-Legacy|V-99075

Vuln-ID|V-221667

OL07-00-010119 - The Oracle Linux operating system must be configured so that when passwords are changed or new passwords are established, pwquality must be used.

Rule-ID|SV-221668r902779_rule

STIG-ID|OL07-00-010119

STIG-Legacy|SV-108181

STIG-Legacy|V-99077

Vuln-ID|V-221668

OL07-00-010120 - The Oracle Linux operating system must be configured so that when passwords are changed or new passwords are established, the new password must contain at least one upper-case character.

Rule-ID|SV-221669r603260_rule

STIG-ID|OL07-00-010120

STIG-Legacy|SV-108183

STIG-Legacy|V-99079

Vuln-ID|V-221669

OL07-00-010130 - The Oracle Linux operating system must be configured so that when passwords are changed or new passwords are established, the new password must contain at least one lower-case character.

CCI|CCI-000193

Rule-ID|SV-221670r603260_rule

STIG-ID|OL07-00-010130

STIG-Legacy|SV-108185

STIG-Legacy|V-99081

Vuln-ID|V-221670

OL07-00-010140 - The Oracle Linux operating system must be configured so that when passwords are changed or new passwords are assigned, the new password must contain at least one numeric character.

CCI|CCI-000194

Rule-ID|SV-221671r603260_rule

STIG-ID|OL07-00-010140

STIG-Legacy|SV-108187

STIG-Legacy|V-99083

Vuln-ID|V-221671

OL07-00-010150 - The Oracle Linux operating system must be configured so that when passwords are changed or new passwords are established, the new password must contain at least one special character.

CCI|CCI-001619

Rule-ID|SV-221672r603260_rule

STIG-ID|OL07-00-010150

STIG-Legacy|SV-108189

STIG-Legacy|V-99085

Vuln-ID|V-221672

OL07-00-010160 - The Oracle Linux operating system must be configured so that when passwords are changed a minimum of eight of the total number of characters must be changed.

CCI|CCI-000195

Rule-ID|SV-221673r603260_rule

STIG-ID|OL07-00-010160

STIG-Legacy|SV-108191

STIG-Legacy|V-99087

Vuln-ID|V-221673

OL07-00-010170 - The Oracle Linux operating system must be configured so that when passwords are changed a minimum of four character classes must be changed.

Rule-ID|SV-221674r603260_rule

STIG-ID|OL07-00-010170

STIG-Legacy|SV-108193

STIG-Legacy|V-99089

Vuln-ID|V-221674

OL07-00-010180 - The Oracle Linux operating system must be configured so that when passwords are changed the number of repeating consecutive characters must not be more than three characters.

Rule-ID|SV-221675r603260_rule

STIG-ID|OL07-00-010180

STIG-Legacy|SV-108195

STIG-Legacy|V-99091

Vuln-ID|V-221675

OL07-00-010190 - The Oracle Linux operating system must be configured so that when passwords are changed the number of repeating characters of the same character class must not be more than four characters.

Rule-ID|SV-221676r809140_rule

STIG-ID|OL07-00-010190

STIG-Legacy|SV-108197

STIG-Legacy|V-99093

Vuln-ID|V-221676

OL07-00-010199 - The Oracle Linux operating system must be configured to prevent overwriting of custom authentication configuration settings by the authconfig utility. - password-auth

CCI|CCI-000196

Rule-ID|SV-255902r902781_rule

STIG-ID|OL07-00-010199

Vuln-ID|V-255902

OL07-00-010199 - The Oracle Linux operating system must be configured to prevent overwriting of custom authentication configuration settings by the authconfig utility. - system-auth

OL07-00-010200 - The Oracle Linux operating system must be configured so that the PAM system service is configured to store only encrypted representations of passwords.

Rule-ID|SV-221677r880672_rule

STIG-ID|OL07-00-010200

STIG-Legacy|SV-108199

STIG-Legacy|V-99095

Vuln-ID|V-221677

OL07-00-010210 - The Oracle Linux operating system must be configured to use the shadow file to store only encrypted representations of passwords.

Rule-ID|SV-221678r877397_rule

STIG-ID|OL07-00-010210

STIG-Legacy|SV-108201

STIG-Legacy|V-99097

Vuln-ID|V-221678

OL07-00-010220 - The Oracle Linux operating system must be configured so that user and group account administration utilities are configured to store only encrypted representations of passwords.

Rule-ID|SV-221680r877397_rule

STIG-ID|OL07-00-010220

STIG-Legacy|SV-108203

Detections

Analytics

Revision 1.5

Sep 19, 2023

Functional Update

Miscellaneous