admin/nuclei-templates
1
0
Fork 0
mirror of https://github.com/projectdiscovery/nuclei-templates.git synced 2026-01-31 15:53:33 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
4537df8757d9115a114a3ed026a1da51ea85e3b0
nuclei-templates/code/linux/audit/nis-client.yaml
ghost fc254a067f chore: sign templates 🤖
2025-08-29 10:06:03 +00:00

44 lines
1.4 KiB
YAML
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
id: nis-client
info:
name: Ensure NIS Client is Not Installed
author: Th3l0newolf
severity: info
description: |
The nis package provides the Network Information Service client, which is insecure and deprecated.If not explicitly required, it should be removed to reduce the systems attack surface.
remediation: |
- Ensure the nis package is not installed unless explicitly required.
- To remove the package, run: sudo apt-get remove nis -y
reference:
- https://www.cisecurity.org/benchmark/ubuntu_linux
metadata:
verified: true
tags: cis,local,cisecurity,audit,linux,ubuntu,nis
self-contained: true
code:
- engine:
- bash
args:
- "-c"
- |
# Check if the nis package is installed
if dpkg-query -W -f='${Status}' nis 2>/dev/null | grep -q "install ok installed"; then
echo "[cis-nis-client-check:Policy-Fail] [NIS is installed] [CIS_FAIL]"
else
echo "[cis-nis-client-check:Policy-Pass] [NIS is not installed] [CIS_PASS]"
fi
matchers:
- type: word
name: policy-pass
words:
- "Policy-Pass"
- type: word
name: policy-fail
words:
- "Policy-Fail"
# digest: 4a0a00473045022100cfc6bf15d445dff51f2fba3848fa1387d14074791850f1f0c91293107f5149be022068f71166dae4ec578d4ca2b043f92349a31fc68dc0e945644c2831490c3665e2:922c64590222798bb761d5b6d8e72950
Reference in New Issue View Git Blame Copy Permalink