STIGQter: STIG Summary: Red Hat Enterprise Linux 6 Security Technical Implementation Guide Version: 1 Release: 24 Benchmark Date: 25 Oct 2019: The openldap-servers package must not be installed unless required.

DISA Rule

SV-50428r2_rule

Vulnerability Number

V-38627

Group Title

SRG-OS-999999

Rule Version

RHEL-06-000256

Severity

CAT III

CCI(s)

CCI-000366 - The organization implements the security configuration settings.

Weight

Fix Recommendation

The "openldap-servers" package should be removed if not in use.

# yum erase openldap-servers

The openldap-servers RPM is not installed by default on RHEL6 machines. It is needed only by the OpenLDAP server, not by the clients which use LDAP for authentication. If the system is not intended for use as an LDAP Server it should be removed.

Check Contents

To verify the "openldap-servers" package is not installed, run the following command:

$ rpm -q openldap-servers

The output should show the following.

package openldap-servers is not installed

If it does not, this is a finding.

Vulnerability Number

V-38627

Documentable

False

Rule Version

RHEL-06-000256

Severity Override Guidance

Check Content Reference

Target Key

2367

STIGQter: STIG Summary: Red Hat Enterprise Linux 6 Security Technical Implementation Guide Version: 1 Release: 24 Benchmark Date: 25 Oct 2019: The openldap-servers package must not be installed unless required.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments