Detections
Analytics
GEN008420 - The system must use available memory address randomization techniques.
Information
Successful exploitation of buffer overflow vulnerabilities relies in some measure to having a predictable address structure of the executing program. Address randomization techniques reduce the probability of a successful exploit.Solution
Edit the kernel boot parameters, or '/etc/sysctl.conf', and set exec-shield to '1'. Reboot the system.See Also
http://iasecontent.disa.mil/stigs/zip/U_RedHat_5_V1R18_STIG.zip
Item Details
Category: CONFIGURATION MANAGEMENT
References: 800-53|CM-6b., CAT|III, CCI|CCI-000366, Group-ID|V-22576, Rule-ID|SV-37979r1_rule, STIG-ID|GEN008420, Vuln-ID|V-22576
Plugin: Unix
Control ID: 588ae233689468cab05e53e316e6c6e55179b6b5d5247e06927995c41b093186