UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The system must not have the Calendar Manager Service Daemon (CMSD) service active.


Overview

Finding ID Version Rule ID IA Controls Severity
V-29501 GEN009160 SV-38705r1_rule ECSC-1 Medium
Description
The CMSD service for CDE is an unnecessary process that runs a root and increases attack vector of the system. Buffer overflow attacks against the CMSD process can potentially give access to the system.
STIG Date
AIX 5.3 Security Technical Implementation Guide 2012-05-25

Details

Check Text ( C-37801r1_chk )
Check the /etc/inetd.conf file for active CMSD service.

# grep 'rpc\.cmsd' /etc/inetd.conf |grep -v \#

If the CMSD service is enabled, this is a finding.
Fix Text (F-33059r1_fix)
Edit /etc/inetd.conf and comment out the CMSD service.

Restart the inetd service.
# refresh -s inetd