{"description": "The slapd package is not installed by default on a Ubuntu 22.04\nsystem. It is needed only by the OpenLDAP server, not by the\nclients which use LDAP for authentication. If the system is not\nintended for use as an LDAP Server it should be removed.", "rationale": "Unnecessary packages should not be installed to decrease the attack\nsurface of the system.  While this software is clearly essential on an LDAP\nserver, it is not necessary on typical desktop or workstation systems.", "severity": "low", "references": {"cis-csc": ["11", "14", "3", "9"], "cobit5": ["BAI10.01", "BAI10.02", "BAI10.03", "BAI10.05", "DSS05.02", "DSS05.05", "DSS06.06"], "isa-62443-2009": ["4.3.3.5.1", "4.3.3.5.2", "4.3.3.5.3", "4.3.3.5.4", "4.3.3.5.5", "4.3.3.5.6", "4.3.3.5.7", "4.3.3.5.8", "4.3.3.6.1", "4.3.3.6.2", "4.3.3.6.3", "4.3.3.6.4", "4.3.3.6.5", "4.3.3.6.6", "4.3.3.6.7", "4.3.3.6.8", "4.3.3.6.9", "4.3.3.7.1", "4.3.3.7.2", "4.3.3.7.3", "4.3.3.7.4", "4.3.4.3.2", "4.3.4.3.3"], "isa-62443-2013": ["SR 1.1", "SR 1.10", "SR 1.11", "SR 1.12", "SR 1.13", "SR 1.2", "SR 1.3", "SR 1.4", "SR 1.5", "SR 1.6", "SR 1.7", "SR 1.8", "SR 1.9", "SR 2.1", "SR 2.2", "SR 2.3", "SR 2.4", "SR 2.5", "SR 2.6", "SR 2.7", "SR 7.6"], "iso27001-2013": ["A.12.1.2", "A.12.5.1", "A.12.6.2", "A.14.2.2", "A.14.2.3", "A.14.2.4", "A.9.1.2"], "nist": ["CM-7(a)", "CM-7(b)", "CM-6(a)"], "nist-csf": ["PR.IP-1", "PR.PT-3"], "cis": ["2.1.7"]}, "control_references": {"cis": ["2.1.7"]}, "components": [], "identifiers": {}, "ocil_clause": "it does not", "ocil": "To verify the <tt>slapd</tt> package is not installed, run the\nfollowing command:\n<pre>$ dpkg -l slapd</pre>\nThe output should show the following:\n<pre>package slapd is not installed</pre>", "oval_external_content": null, "fixtext": "", "checktext": "", "vuldiscussion": "", "srg_requirement": "", "warnings": [], "conflicts": [], "requires": [], "policy_specific_content": {}, "platform": null, "platforms": [], "sce_metadata": {}, "inherited_platforms": [], "cpe_platform_names": [], "inherited_cpe_platform_names": [], "bash_conditional": null, "fixes": {}, "title": "Uninstall openldap-servers Package", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/services/ldap/openldap_server/package_openldap-servers_removed/rule.yml", "template": {"name": "package_removed", "vars": {"pkgname": "slapd"}, "backends": {}}}