[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

243238

 
 

909

 
 

192833

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-90727-9

Platform: rhel7,centos7Date: (C)2017-06-29   (M)2022-10-10



Restrict Information Published by Avahi If it is necessary to publish some information to the network, it should not be joined by any extraneous information, or by information supplied by a non-trusted source on the system. Prevent user applications from using Avahi to publish services by adding or correcting the following line in the '[publish]' section: 'disable-user-service-publishing=yes' Implement as many of the following lines as possible, to restrict the information published by Avahi. publish-addresses=no publish-hinfo=no publish-workstation=no publish-domain=no Inspect the files in the directory '/etc/avahi/services/'. Unless there is an operational need to publish information about each of these services, delete the corresponding file.


Parameter:


Technical Mechanism:

These options prevent publishing attempts from succeeding, and can be applied even if publishing is disabled entirely vi Adisable-publishing. Alternatively, these can be used to restrict the types of published information in the event that some information must be published. Fix: No Remediation Info

CCSS Severity:CCSS Metrics:
CCSS Score : Attack Vector:
Exploit Score: Attack Complexity:
Impact Score: Privileges Required:
Severity: User Interaction:
Vector: Scope:
 Confidentiality:
 Integrity:
 Availability:
  

References:
Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:30417
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:31140


OVAL    2
oval:org.secpod.oval:def:30417
oval:org.secpod.oval:def:31140

© SecPod Technologies