Check: GEN009160
AIX 6.1 SECURITY TECHNICAL IMPLEMENTATION GUIDE:
GEN009160
(in versions v1 r14 through v1 r10)
Title
The system must not have the Calendar Manager Service Daemon (CMSD) service active. (Cat II impact)
Discussion
The CMSD service for CDE is an unnecessary process that runs as root and increases the attack surface of the system. Buffer overflow attacks against the CMSD process can potentially give an attacker access to the system.
Check Content
Check the /etc/inetd.conf file for active CMSD service.

    # grep 'rpc\.cmsd' /etc/inetd.conf |grep -v \#

If the CMSD service is enabled, this is a finding.
Fix Text
Edit /etc/inetd.conf and comment out the CMSD service. Restart the inetd service.

    # refresh -s inetd
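The check above can be scripted so it reports the offending entry and a distinct exit status. The following is an added example, not part of the STIG text; the function names and the sample inetd.conf lines are constructed for illustration, and it assumes an entry is disabled only when '#' is its first non-blank character. Unlike `grep -v \#`, it still flags an active entry that carries a trailing '#' remark.

```shell
#!/bin/sh
# Added example (not STIG text): audit an inetd.conf-style file for GEN009160.

# Print active (uncommented) entries that reference rpc.cmsd.
# Assumption: an entry is disabled only when '#' is its first non-blank character.
active_cmsd_entries() {
    sed -e 's/^[[:space:]]*//' -e '/^#/d' -e 's/[[:space:]]*#.*$//' "$1" |
        grep 'rpc\.cmsd'
}

# Exit status: 0 = not a finding, 1 = finding, 2 = file could not be read.
check_gen009160() {
    [ -r "$1" ] || { echo "ERROR: cannot read $1" >&2; return 2; }
    entries=$(active_cmsd_entries "$1") || true
    if [ -n "$entries" ]; then
        printf 'FINDING GEN009160 in %s:\n%s\n' "$1" "$entries"
        return 1
    fi
    echo "OK GEN009160: no active CMSD entry in $1"
}

# Write constructed sample files (illustrative, not copied from a real host).
write_samples() {
    cat > "$1/disabled.conf" <<'EOF'
ftp     stream  tcp6    nowait  root    /usr/sbin/ftpd  ftpd
#cmsd   sunrpc_udp udp  wait    root    /usr/dt/bin/rpc.cmsd cmsd 100068 2-5
  # rpc.cmsd left disabled per GEN009160
EOF
    cat > "$1/enabled.conf" <<'EOF'
#cmsd   sunrpc_udp udp  wait    root    /usr/dt/bin/rpc.cmsd cmsd 100068 2-5
cmsd    sunrpc_udp udp  wait    root    /usr/dt/bin/rpc.cmsd cmsd 100068 2-5 # CDE calendar
EOF
}

# Demo on the constructed samples; on a real system pass /etc/inetd.conf instead.
demo_dir=$(mktemp -d)
write_samples "$demo_dir"
check_gen009160 "$demo_dir/disabled.conf" || true
check_gen009160 "$demo_dir/enabled.conf" || true
rm -rf "$demo_dir"
```
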
Additional Identifiers
Rule ID: SV-38705r1_rule
Vulnerability ID: V-29501
Group Title: GEN009160
CCIs
Number | Definition |
---|---|
CCI-001436 | The organization disables organization-defined networking protocols within the information system deemed to be nonsecure except for explicitly identified components in support of specific operational requirements. |
Controls
Number | Title |
---|---|
No controls are assigned to this check |