CCE-92989-3Platform: cpe:/o:ubuntu:ubuntu_linux:19.04 | Date: (C)2019-11-07 (M)2023-07-04 |
Ensure time is not enabled
time is a network service that responds with the server's current date and time as a 32 bit integer. This service is intended for debugging and testing purposes. It is recommended that this service be disabled.
Parameter:
[no/yes]
Technical Mechanism:
Disabling this service will reduce the remote attack surface of the system.
Fix:
Remove or comment out any time lines in /etc/inetd.conf:
#time stream tcp nowait root internal
6 Special Purpose Services
This section describes services that are installed on servers that specifically need to run these services. If any of these services are not required, it is recommended that they be disabled or deleted from the system to reduce the potential attack surface.
Note: This section lists common packages for different services however there are alternate packages which provide many of these services which should also be disabled or deleted if not required.
CCSS Severity: | CCSS Metrics: |
CCSS Score : 7.1 | Attack Vector: NETWORK |
Exploit Score: 2.8 | Attack Complexity: LOW |
Impact Score: 4.2 | Privileges Required: LOW |
Severity: HIGH | User Interaction: NONE |
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H | Scope: UNCHANGED |
| Confidentiality: LOW |
| Integrity: NONE |
| Availability: HIGH |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:55202 |