Detections
Analytics
GEN009160 - The system must not have the Calendar Manager Service Daemon (CMSD) service active.
Information
The CMSD service for CDE is an unnecessary process that runs a root and increases attack vector of the system. Buffer overflow attacks against the CMSD process can potentially give access to the system.Solution
Edit /etc/inetd.conf and comment out the CMSD service.Restart the inetd service.
# refresh -s inetd
See Also
http://iasecontent.disa.mil/stigs/zip/U_STIG_Library_2015_07.zip
Item Details
Audit Name: DISA AIX 5.3 STIG v1r2
Category: CONFIGURATION MANAGEMENT
References: 800-53|CM-7, CAT|II, CCI|CCI-001436, Rule-ID|SV-38705r1_rule, STIG-ID|GEN009160, Vuln-ID|V-29501
Plugin: Unix
Control ID: 6d0112cb7a388c383becdfd06e4cc387b61ff3064cf862c977b632597b3cfce9