admin/nuclei-templates
1
0
Fork 0
mirror of https://github.com/projectdiscovery/nuclei-templates.git synced 2026-02-01 00:03:39 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
4537df8757d9115a114a3ed026a1da51ea85e3b0
nuclei-templates/code/linux/audit/ldap-client.yaml
ghost fc254a067f chore: sign templates 🤖
2025-08-29 10:06:03 +00:00

44 lines
1.5 KiB
YAML
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
id: ldap-client
info:
name: Ensure LDAP Client is Not Installed
author: Th3l0newolf
severity: info
description: |
The ldap-utils package provides LDAP client utilities that allow systems to query and interact with LDAP directories.If not explicitly required, it should be removed to minimize the systems attack surface and reduce security risks.
remediation: |
- Ensure the ldap-utils package is not installed unless explicitly required.
- To remove the package, run: sudo apt-get remove ldap-utils -y
reference:
- https://www.cisecurity.org/benchmark/ubuntu_linux
metadata:
verified: true
tags: cis,local,cisecurity,audit,linux,ubuntu,ldap
self-contained: true
code:
- engine:
- bash
args:
- "-c"
- |
# Check if the ldap-utils package is installed
if dpkg-query -W -f='${Status}' ldap-utils 2>/dev/null | grep -q "install ok installed"; then
echo "[cis-ldap-client-check:Policy-Fail] [ldap-utils is installed] [CIS_FAIL]"
else
echo "[cis-ldap-client-check:Policy-Pass] [ldap-utils is not installed] [CIS_PASS]"
fi
matchers:
- type: word
name: policy-pass
words:
- "Policy-Pass"
- type: word
name: policy-fail
words:
- "Policy-Fail"
# digest: 4b0a00483046022100ff8778e0ae1fc773a1a46f288bcfb1d5e232d50fe42361d05d96bca924ecae6e0221009d492ae0f7a531cea826f1e264d8b8418a9656c6f5fa3d0ce75fb7ff9ba9b54b:922c64590222798bb761d5b6d8e72950
Reference in New Issue View Git Blame Copy Permalink