STIGQter STIGQter: STIG Summary: Oracle Linux 6 Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

The openldap-servers package must not be installed unless required.

DISA Rule

SV-208932r603263_rule

Vulnerability Number

V-208932

Group Title

SRG-OS-000480

Rule Version

OL6-00-000256

Severity

CAT III

CCI(s)

Weight

10

Fix Recommendation

The "openldap-servers" package should be removed if not in use. Is this machine the OpenLDAP server? If not, remove the package.

# yum erase openldap-servers

The openldap-servers RPM may be installed. It is needed only by the OpenLDAP server, not by clients which use LDAP for authentication. If the system is not intended for use as an LDAP server, it should be removed.

Check Contents

To verify the "openldap-servers" package is not installed, run the following command:

$ rpm -q openldap-servers

The output should show the following.

package openldap-servers is not installed

If it does not, this is a finding.

Vulnerability Number

V-208932

Documentable

False

Rule Version

OL6-00-000256

Severity Override Guidance

To verify the "openldap-servers" package is not installed, run the following command:

$ rpm -q openldap-servers

The output should show the following.

package openldap-servers is not installed

If it does not, this is a finding.

Check Content Reference

M

Target Key

2928

Comments