CCE-90727-9Platform: rhel7,centos7 | Date: (C)2017-06-29 (M)2022-10-10 |
Restrict Information Published by Avahi
If it is necessary to publish some information to the network, it should not be joined
by any extraneous information, or by information supplied by a non-trusted source
on the system.
Prevent user applications from using Avahi to publish services by adding or
correcting the following line in the '[publish]' section:
'disable-user-service-publishing=yes'
Implement as many of the following lines as possible, to restrict the information
published by Avahi.
publish-addresses=no
publish-hinfo=no
publish-workstation=no
publish-domain=no
Inspect the files in the directory '/etc/avahi/services/'. Unless there
is an operational need to publish information about each of these services,
delete the corresponding file.
Parameter:
Technical Mechanism:
These options prevent publishing attempts from succeeding,
and can be applied even if publishing is disabled entirely vi
Adisable-publishing. Alternatively, these can be used to restrict
the types of published information in the event that some information
must be published.
Fix:
No Remediation Info
CCSS Severity: | CCSS Metrics: |
CCSS Score : | Attack Vector: |
Exploit Score: | Attack Complexity: |
Impact Score: | Privileges Required: |
Severity: | User Interaction: |
Vector: | Scope: |
| Confidentiality: |
| Integrity: |
| Availability: |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:30417 |
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:31140 |