  • Misconfiguration Name
  • Trivial File Transfer Protocol (TFTP) service is not disabled
  • Description
  • Trivial File Transfer Protocol (TFTP) is a simple file transfer protocol that allows file transfer between remote hosts. It does not support authentication or access control and has no built-in encryption. It is therefore easy for hackers to spoof your TFTP server and perform malicious actions. Fixing this misconfiguration disables the TFTP service on your network endpoints.
  • Severity
  • important
  • Category
  • Linux - Insecure Services
  • Resolution
  • Follow the steps below to resolve the misconfiguration. Comment out or remove any lines starting with tftp from /etc/inetd.conf and /etc/inetd.d/*. Set disable = yes on all tftp services in /etc/xinetd.conf and /etc/xinetd.d/*.
  • Potential issues that may arise after applying the resolution
  • Altering the existing security setting may affect your network operations as follows. Legacy protocols are present to support the operation of legacy applications and services. Disabling them would cause those applications to stop functioning.
  • Does remediation require reboot?
  • No
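
One way to verify the resolution above, as an added example that is not part of the original catalog entry: these shell functions list every inetd and xinetd file that still enables tftp. The function names and the ROOT argument (empty for the live system, or a directory holding a copy of /etc) are assumptions of this example.

```shell
#!/bin/sh
# Added example: list config files that still enable TFTP.
# ROOT (assumed parameter): "" for the live system, or a directory
# that contains a copy of /etc for offline review.

# inetd: a non-comment line whose first field is "tftp" enables the service.
inetd_tftp_files() {
    for f in "$1/etc/inetd.conf" "$1"/etc/inetd.d/*; do
        [ -f "$f" ] || continue
        if grep -Eq '^[[:space:]]*tftp([[:space:]]|$)' "$f"; then
            echo "$f"
        fi
    done
}

# xinetd: a "service tftp { ... }" block is enabled unless it contains
# "disable = yes". A block left unclosed is treated as enabled too.
xinetd_tftp_files() {
    for f in "$1/etc/xinetd.conf" "$1"/etc/xinetd.d/*; do
        [ -f "$f" ] || continue
        if awk '
            /^[ \t]*#/ { next }
            /^[ \t]*service[ \t]+tftp([ \t]|[{]|$)/ { in_svc = 1; off = 0; next }
            in_svc && /^[ \t]*disable[ \t]*=[ \t]*yes[ \t]*$/ { off = 1 }
            in_svc && /[}]/ { if (!off) bad = 1; in_svc = 0 }
            END { if (in_svc && !off) bad = 1; exit (bad ? 0 : 1) }
        ' "$f"; then
            echo "$f"
        fi
    done
}

# Print one "mechanism: file" line per finding; no output means compliant.
tftp_findings() {
    inetd_tftp_files "$1" | sed 's/^/inetd: /'
    xinetd_tftp_files "$1" | sed 's/^/xinetd: /'
}

# Usage on a live host: tftp_findings ""
```

Empty output means no tftp entry remains enabled in the files the resolution names; each output line points to a file that still needs the change.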