CCE

CCE-90749-3

Platform: cpe:/o:centos:centos:7, cpe:/o:redhat:enterprise_linux:7
Date: (C)2017-06-29   (M)2023-07-04



The 'openldap-servers' package should be removed if not in use. Is this machine the OpenLDAP server? If not, remove the package: '$ sudo yum erase openldap-servers'. The openldap-servers RPM is not installed by default on CentOS 7 machines. It is needed only by the OpenLDAP server, not by the clients which use LDAP for authentication. If the system is not intended for use as an LDAP server, it should be removed.


Parameter:

[no/yes]


Technical Mechanism:

To decrease the attack surface of the system, unnecessary packages should not be installed. While this software is clearly essential on an LDAP server, it is not necessary on typical desktop or workstation systems.

CCSS Severity:
CCSS Score: 8.0
Exploit Score: 1.3
Impact Score: 6.0
Severity: HIGH
Vector: AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CCSS Metrics:
Attack Vector: NETWORK
Attack Complexity: HIGH
Privileges Required: HIGH
User Interaction: NONE
Scope: CHANGED
Confidentiality: HIGH
Integrity: HIGH
Availability: HIGH

References (Resource Id: Reference):
SCAP Repo OVAL Definition: oval:org.secpod.oval:def:30438
SCAP Repo OVAL Definition: oval:org.secpod.oval:def:31161


OVAL    2
oval:org.secpod.oval:def:30438
oval:org.secpod.oval:def:31161
XCCDF    2
xccdf_org.secpod_benchmark_general_CENTOS_7
xccdf_org.secpod_benchmark_general_RHEL_7

© SecPod Technologies