STIGQter STIGQter: STIG Summary: Red Hat Enterprise Linux 6 Security Technical Implementation Guide Version: 1 Release: 24 Benchmark Date: 25 Oct 2019: System security patches and updates must be installed and up-to-date.

DISA Rule

SV-50281r1_rule

Vulnerability Number

V-38481

Group Title

SRG-OS-000191

Rule Version

RHEL-06-000011

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:

# yum update

If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using "rpm".

Check Contents

If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server which provides updates, invoking the following command will indicate if updates are available:

# yum check-update

If the system is not configured to update from one of these sources, run the following command to list when each package was last updated:

$ rpm -qa -last

Compare this to Red Hat Security Advisories (RHSA) listed at https://access.redhat.com/security/updates/active/ to determine whether the system is missing applicable security and bugfix updates.
If updates are not installed, this is a finding.

Vulnerability Number

V-38481

Documentable

False

Rule Version

RHEL-06-000011

Severity Override Guidance

If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server which provides updates, invoking the following command will indicate if updates are available:

# yum check-update

If the system is not configured to update from one of these sources, run the following command to list when each package was last updated:

$ rpm -qa -last

Compare this to Red Hat Security Advisories (RHSA) listed at https://access.redhat.com/security/updates/active/ to determine whether the system is missing applicable security and bugfix updates.
If updates are not installed, this is a finding.

Check Content Reference

M

Target Key

2367

Comments