Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-18804 | EMG2-275 Exch2K3 | SV-20530r1_rule | ECLP-1 | Medium |
Description |
---|
Scripts on virtual servers are a frequent cause of server compromises. Since this virtual (web) server is the primary interface between Exchange and the web, it is particularly at risk of compromise. Therefore, attack vectors via scripts and executables running on the server, should be minimized. The Public Virtual Server enables web access for shared public folders. This control allows the administrator to specify whether scripts and/or executables may be run on this virtual server. Scripts and executables should be denied permissions to run on this server, eliminating this attack vector from the security profile. |
STIG | Date |
---|---|
Microsoft Exchange Server 2003 | 2014-08-19 |
Check Text ( C-22514r1_chk ) |
---|
Validate that scripts are not permitted to execute in the Public Virtual Server. Procedure: Exchange system Manager >>Administrative Groups>> [administrative group]>> Servers >> [server name] >> protocols >> HTTP >> Exchange Virtual Server >> Public >> Properties >> Access tab For Execute Permissions, ‘None’ should be selected. Criteria: If Execute Permissions have ‘None’ selected, this is not a finding. |
Fix Text (F-19464r1_fix) |
---|
Configure the Public Virtual Server. Procedure: Exchange system Manager >>Administrative Groups>> [administrative group]>> Servers >> [server name] >> protocols >> HTTP >> Exchange Virtual Server >> Public >> Properties >> Access tab For Execute Permissions, select ‘None’. |