CCI-001092 requires limiting the effects of a DoS attack. The reference rule provide some
protection agains these type of attacks.
Signed-off-by: Willy Santos <wsantos(a)redhat.com>
---
rhel6/src/input/system/accounts/pam.xml | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/rhel6/src/input/system/accounts/pam.xml
b/rhel6/src/input/system/accounts/pam.xml
index 5fa2d32..2820b56 100644
--- a/rhel6/src/input/system/accounts/pam.xml
+++ b/rhel6/src/input/system/accounts/pam.xml
@@ -163,7 +163,7 @@ is different from account lockout, which is provided by the
pam_faillock module.
</rationale>
<ident cce="15054-0" />
<oval id="accounts_password_pam_cracklib_retry"
value="var_password_pam_cracklib_retry"/>
-<ref nist="IA-5" />
+<ref nist="IA-5" disa="1092" />
</Rule>
<Rule id="password_require_digits">
--
1.7.7.6