CCE-90729-5Platform: rhel7,centos7 | Date: (C)2017-06-29 (M)2022-10-10 |
Disable Printer Browsing Entirely if Possible
By default, CUPS listens on the network for printer list
broadcasts on UDP port 631. This functionality is called printer browsing.
To disable printer browsing entirely, edit the CUPS configuration
file, located at '/etc/cups/cupsd.conf', to include the following:
'Browsing Off'
Parameter:
Technical Mechanism:
The CUPS print service can be configured to broadcast a list of
available printers to the network. Other machines on the network, also running
the CUPS print service, can be configured to listen to these broadcasts and add
and configure these printers for immediate use. By disabling this browsing
capability, the machine will no longer generate or receive such broadcasts.
Fix:
No Remediation Info
CCSS Severity: | CCSS Metrics: |
CCSS Score : | Attack Vector: |
Exploit Score: | Attack Complexity: |
Impact Score: | Privileges Required: |
Severity: | User Interaction: |
Vector: | Scope: |
| Confidentiality: |
| Integrity: |
| Availability: |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:31142 |
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:30419 |