Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The system must not have the Calendar Manager Service Daemon (CMSD) service active.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-29501 | GEN009160 | SV-38705r1_rule | ECSC-1 | Medium |
| Description |
|---|
| The CMSD service for CDE is an unnecessary process that runs a root and increases attack vector of the system. Buffer overflow attacks against the CMSD process can potentially give access to the system. |
| STIG | Date |
|---|---|
| AIX 6.1 Security Technical Implementation Guide | 2013-03-27 |
Details
| Check Text ( C-37801r1_chk ) |
|---|
| Check the /etc/inetd.conf file for active CMSD service. # grep 'rpc\.cmsd' /etc/inetd.conf |grep -v \# If the CMSD service is enabled, this is a finding. |
| Fix Text (F-33059r1_fix) |
|---|
| Edit /etc/inetd.conf and comment out the CMSD service. Restart the inetd service. # refresh -s inetd |