RHEL 9 must not have the ypserv package installed.

STIG ID: RHEL-09-215030  |  SRG: SRG-OS-000095-GPOS-00049 |  Severity: medium |  CCI: CCI-000381 |  Vulnerability Id: V-257829 | 

Vulnerability Discussion

The NIS service provides an unencrypted authentication service, which does not provide for the confidentiality and integrity of user passwords or the remote session.

Removing the "ypserv" package decreases the risk of the accidental (or intentional) activation of NIS or NIS+ services.

Check

Verify that the ypserv package is not installed with the following command:

$ sudo dnf list --installed ypserv

Error: No matching Packages to list

If the "ypserv" package is installed, this is a finding.

Fix

Remove the ypserv package with the following command:

$ sudo dnf remove ypserv