admin/nuclei-templates
1
0
Fork 0
mirror of https://github.com/projectdiscovery/nuclei-templates.git synced 2026-01-31 15:53:33 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
f94b45a129e2d3c59fe5ddb07e69ca8bedadc4b2
nuclei-templates/code/linux/audit/ldap-server.yaml
pussycat0x f94b45a129 Local tag - update
2025-08-28 23:41:32 +05:30

42 lines
1.3 KiB
YAML
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
id: ldap-server
info:
name: Ensure LDAP Server Service is Not Installed
author: Th3l0newolf
severity: info
description: |
The slapd package provides the OpenLDAP server, which manages directory and identity services. If not explicitly required, having this service installed unnecessarily increases the systems attack surface.
remediation: |
- Run: sudo apt-get remove slapd -y
- This removes the LDAP server package to reduce the systems attack surface.
reference:
- https://www.cisecurity.org/benchmark/ubuntu_linux
metadata:
verified: true
tags: cis,local,cisecurity,audit,linux,ubuntu
self-contained: true
code:
- engine:
- bash
args:
- "-c"
- |
if dpkg-query -s slapd &>/dev/null; then
echo "[ldap-server-check:Policy-Fail] [slapd is installed] [CIS_FAIL]"
else
echo "[ldap-server-check:Policy-Pass] [slapd is not installed] [CIS_PASS]"
fi
matchers:
- type: word
name: policy-pass
words:
- "Policy-Pass"
- type: word
name: policy-fail
words:
- "Policy-Fail"
# digest: 490a004630440220122e74bbeb14a7f14348cdb93d4bc91898942ebeaa6a6d6fcbc1fcf8e7bb2967022024b8a1ceedb0355d5ce74a15265b821b76289248f485859e9118b9e32a46c215:922c64590222798bb761d5b6d8e72950
Reference in New Issue View Git Blame Copy Permalink