id: telnet-client

info:
  name: Ensure Telnet Client is Not Installed
  author: Th3l0newolf
  severity: info
  description: |
    The telnet and inetutils-telnet packages provide a Telnet client for remote access.Since Telnet uses unencrypted communication, these packages should not be installed to reduce the risk of credential theft and unauthorized access.
  remediation: |
    Ensure telnet and inetutils-telnet packages are not installed unless explicitly required.To remove them, run: sudo apt-get remove telnet inetutils-telnet -y
  reference:
    - https://www.cisecurity.org/benchmark/ubuntu_linux
  metadata:
    verified: true
  tags: cis,local,cisecurity,audit,linux,ubuntu,telnet

self-contained: true

code:
  - engine:
      - sh
      - bash

    args:
      - "-c"
      - |
        # Check if telnet or inetutils-telnet package is installed
        if dpkg-query -W -f='${Package} ${Status}\n' telnet inetutils-telnet 2>/dev/null | grep -q "install ok installed"; then
          echo "[cis-telnet-client-check:Policy-Fail] [Telnet client is installed] [CIS_FAIL]"
        else
          echo "[cis-telnet-client-check:Policy-Pass] [Telnet client is not installed] [CIS_PASS]"
        fi

    matchers:
      - type: word
        name: policy-pass
        words:
          - "Policy-Pass"

      - type: word
        name: policy-fail
        words:
          - "Policy-Fail"
# digest: 4b0a00483046022100b01ae626cf301187f1100bc702af3f84281c84e01327ced2a652005464591dbc02210086c8454cbea9e2c67672a569489079b1a7bd0612571c8b43f7f51ed5f4fc5ebb:922c64590222798bb761d5b6d8e72950