STIGQter: STIG Summary: Oracle Linux 6 Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

The xorg-x11-server-common (X Windows) package must not be installed, unless required.

DISA Rule

SV-209023r603263_rule

Vulnerability Number

V-209023

Group Title

SRG-OS-000480

Rule Version

OL6-00-000291

Severity

CAT III

CCI(s)

CCI-000366 - The organization implements the security configuration settings.

Weight

Fix Recommendation

Removing all packages which constitute the X Window System ensures users or malicious software cannot start X. To do so, run the following command:

# yum groupremove "X Window System"

Check Contents

To ensure the X Windows package group is removed, run the following command:

$ rpm -qi xorg-x11-server-common

The output should be:

package xorg-x11-server-common is not installed

If it is not, this is a finding.

Vulnerability Number

V-209023

Documentable

False

Rule Version

OL6-00-000291

Severity Override Guidance

Check Content Reference

Target Key

2928

The xorg-x11-server-common (X Windows) package must not be installed, unless required.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments