mirror of
https://github.com/projectdiscovery/nuclei-templates.git
synced 2026-01-31 15:53:33 +08:00
45 lines
1.6 KiB
YAML
45 lines
1.6 KiB
YAML
id: autofs-service
|
||
|
||
info:
|
||
name: Ensure autofs Service is Not Installed
|
||
author: Th3l0newolf
|
||
severity: info
|
||
description: |
|
||
The autofs package provides the automounting service, which mounts file systems automatically on demand. If not explicitly required, having this service installed increases the system’s attack surface and should be avoided.
|
||
remediation: |
|
||
- Ensure the `autofs` package is not installed unless explicitly required.
|
||
- To disable the service if present, run: sudo systemctl disable --now autofs 2>/dev/null || true
|
||
- To remove the package, run: sudo apt-get purge -y autofs
|
||
- To clean up dependencies, run: sudo apt-get autoremove -y
|
||
- To verify removal, run: dpkg-query -s autofs || echo "autofs not installed"
|
||
reference:
|
||
- https://www.cisecurity.org/benchmark/ubuntu_linux
|
||
metadata:
|
||
verified: true
|
||
tags: cis,local,cisecurity,audit,linux,ubuntu
|
||
|
||
self-contained: true
|
||
|
||
code:
|
||
- engine:
|
||
- bash
|
||
args:
|
||
- "-c"
|
||
- |
|
||
if dpkg-query -s autofs &>/dev/null; then
|
||
echo "[autofs-service-check:Policy-Fail] [autofs is installed] [CIS_FAIL]"
|
||
else
|
||
echo "[autofs-service-check:Policy-Pass] [autofs is not installed] [CIS_PASS]"
|
||
fi
|
||
|
||
matchers:
|
||
- type: word
|
||
name: policy-pass
|
||
words:
|
||
- "Policy-Pass"
|
||
|
||
- type: word
|
||
name: policy-fail
|
||
words:
|
||
- "Policy-Fail"
|
||
# digest: 4b0a00483046022100beae631943cebc47c019a26e3e75c3564f7fa4fe70eb0de578f3fce62a6d00aa022100aa285d67fd177fa37e5274957926becc643b3aeec8e446f8dab8ccc4c704597b:922c64590222798bb761d5b6d8e72950 |