STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 7 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Oracle HTTP Server 12.1.3 Security Technical Implementation Guide

V-221446

CAT II (Medium)

A production OHS Installation must prohibit the installation of a compiler.

Rule ID

SV-221446r961863_rule

STIG

Oracle HTTP Server 12.1.3 Security Technical Implementation Guide

Version

V2R3

CCIs

CCI-000366

Discussion

The presence of a compiler on a production server facilitates the malicious user’s task of creating custom versions of programs and installing Trojan Horses or viruses. For example, the attacker’s code can be uploaded and compiled on the server under attack.

Check Content

1. Ask the System Administrator if a compiler is installed on the system.

2. If it is, this is a finding.

Fix Text

Ask the System Administrator to remove any compilers installed on the system.