CCE-90701-4Platform: rhel7,centos7 | Date: (C)2017-06-29 (M)2022-10-10 |
Disable Portreserve (portreserve)
The 'portreserve' service is a TCP port reservation utility that can
be used to prevent portmap from binding to well known TCP ports that are
required for other services.
The 'portreserve' service can be disabled with the following command:
'$ sudo systemctl disable portreserve'
Parameter:
Technical Mechanism:
The 'portreserve' service provides helpful functionality by
preventing conflicting usage of ports in the reserved port range, but it can be
disabled if not needed.
Fix:
#
# Disable portreserve.service for all systemd targets
#
systemctl disable portreserve.service
#
# Stop portreserve.service if currently running
#
systemctl stop portreserve.service
CCSS Severity: | CCSS Metrics: |
CCSS Score : | Attack Vector: |
Exploit Score: | Attack Complexity: |
Impact Score: | Privileges Required: |
Severity: | User Interaction: |
Vector: | Scope: |
| Confidentiality: |
| Integrity: |
| Availability: |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:31115 |
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:30392 |