mirror of
https://github.com/projectdiscovery/nuclei-templates.git
synced 2026-01-31 15:53:33 +08:00
43 lines
1.4 KiB
YAML
43 lines
1.4 KiB
YAML
id: rsh-client
|
|
|
|
info:
|
|
name: Ensure rsh Client is Not Installed
|
|
author: Th3l0newolf
|
|
severity: info
|
|
description: |
|
|
The rsh-client package provides the Remote Shell client, which transmits data in plaintext and is considered insecure.If not explicitly required, it should be removed to reduce exposure to unauthorized remote access.
|
|
remediation: |
|
|
Ensure the rsh-client package is not installed unless explicitly required.To remove the package, run: sudo apt-get remove rsh-client -y
|
|
reference:
|
|
- https://www.cisecurity.org/benchmark/ubuntu_linux
|
|
metadata:
|
|
verified: true
|
|
tags: cis,local,cisecurity,audit,linux,ubuntu,rsh
|
|
|
|
self-contained: true
|
|
|
|
code:
|
|
- engine:
|
|
- bash
|
|
|
|
args:
|
|
- "-c"
|
|
- |
|
|
# Check if the rsh-client package is installed
|
|
if dpkg-query -W -f='${Status}' rsh-client 2>/dev/null | grep -q "install ok installed"; then
|
|
echo "[cis-rsh-client-check:Policy-Fail] [rsh-client is installed] [CIS_FAIL]"
|
|
else
|
|
echo "[cis-rsh-client-check:Policy-Pass] [rsh-client is not installed] [CIS_PASS]"
|
|
fi
|
|
|
|
matchers:
|
|
- type: word
|
|
name: policy-pass
|
|
words:
|
|
- "Policy-Pass"
|
|
|
|
- type: word
|
|
name: policy-fail
|
|
words:
|
|
- "Policy-Fail"
|
|
# digest: 4a0a00473045022100f533077d301c1f42c4d08231ece267cb23ed7b5c19ba1d044c4b1a84dcc14b7f02207cd04519969a2f4f6d584e3b3d04aec08b4eb4f85c07337d2692f13c1ca23791:922c64590222798bb761d5b6d8e72950 |