tyler.durden
/
lynis
mirror of https://github.com/CISOfy/lynis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
3,354 Commits 2 Branches 62 Tags 17 MiB
Commit Graph

3354 Commits

Author SHA1 Message Date
Michael Boelen e6c6fdc9a8
[AUTH-9229] Undo escaping exclamation mark and disabling test for AIX and macOS 2020-06-26 10:24:37 +02:00
Michael Boelen ee3a3df601
Updated log 2020-06-26 09:54:05 +02:00
Michael Boelen 871f95cbf3
Use BSD style format when calling stat 2020-06-26 09:53:23 +02:00
Michael Boelen f00637d433
Updated log 2020-06-26 09:45:09 +02:00
Michael Boelen 9f0bbf52ea
[FIRE-4534] set initial state 2020-06-26 09:44:39 +02:00
Michael Boelen 68c6bdff16
[AUTH-9229] escaped exclamation mark 2020-06-26 09:34:40 +02:00
Thomas Sjögren e3ccca4ac0 add SUSE Linux Enterprise Server EOL 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2020-06-25 15:33:31 +02:00
Michael Boelen 18ec88d174
Updated log 2020-06-24 09:23:16 +02:00
Michael Boelen 8a5b2a4099
Merge pull request #920 from jsrc27/Fix-KRNL-5730 
Fix KRNL-5730 to properly check /proc/config.gz
 2020-06-24 09:21:32 +02:00
Michael Boelen 0b65536322
Updated log 2020-06-24 08:09:48 +02:00
Michael Boelen c707b7d100
[MALW-3280] added additional BitDefender process 2020-06-24 08:09:12 +02:00
Michael Boelen d61d7f5ab7
Updated log 2020-06-23 13:57:36 +02:00
Michael Boelen 36f86d76c4
[AUTH-9229] added option to look for LOCKED accounts 2020-06-23 13:57:14 +02:00
Michael Boelen 610f70d5aa
[INSE-8312] corrected text 2020-06-23 13:56:13 +02:00
Michael Boelen 44fb7efd64
Strip quotes in locale output, e.g. macOS 2020-06-23 10:57:45 +02:00
Michael Boelen 8596156ca1
Updated log 2020-06-23 10:36:32 +02:00
Michael Boelen f36feb355b
Merge pull request #962 from al-lac/master 
Add macOS Big Sur (11.0)
 2020-06-23 10:35:27 +02:00
Michael Boelen b765abd49c
Merge pull request #942 from Steve8291/patch-1 
Fix typo in kernel options description
 2020-06-23 09:16:56 +02:00
Alexander Lackner d7870e3f5c Added macOS Big Sur (11.0) 2020-06-22 20:44:58 +02:00
Michael Boelen c6cc6fb8c7
Updated log 2020-06-22 14:27:30 +02:00
Michael Boelen b980223d42
Merge pull request #958 from Steve8291/patch-2 
fix stderr output from cryptsetup status
 2020-06-22 14:26:47 +02:00
Michael Boelen d1cb4d71cd
Merge pull request #951 from al-lac/master 
Update language files (de, de-AT, en)
 2020-06-22 14:14:50 +02:00
Michael Boelen 75738ceeab
Fix for language detection, unset LANG as right place 2020-06-22 10:25:02 +02:00
Michael Boelen 6d6781a2ae
Updated log 2020-06-22 10:18:56 +02:00
Michael Boelen a2f8bdc5f8
[BOOT-5122] presence check for grub.d added 2020-06-22 10:18:01 +02:00
Steve8291 c02ce49ce3
fix stderr output from cryptsetup status 
Redirected stderr to /dev/null to silence output of `cryptsetup status /swap.img`
This was causing error output from my cron script.
Otherwise, if the swap file is not encrypted then the following error will be printed:
`Device swap.img not found`
 2020-06-21 10:47:28 -04:00
Michael Boelen 74c4298eab
Updated log 2020-06-21 13:15:09 +02:00
Michael Boelen 6d9b530bf4
[KRNL-5830] improved detection for non-symlinked kernel on disk 2020-06-21 13:14:08 +02:00
Michael Boelen aebd5ed9b3
Remove unneeded line in log to prevent double entry 2020-06-21 12:57:05 +02:00
Michael Boelen b2350f2f6c
Add log entry to help troubleshooting users that still use old-style configuration entries in profile 2020-06-21 12:52:50 +02:00
Michael Boelen 251cb97902
Updated log 2020-06-21 12:40:51 +02:00
Michael Boelen 22644edc50
Added missing colons 2020-06-21 12:40:43 +02:00
Michael Boelen f855fe7a04
Added Linux Mint 2020-06-21 12:40:03 +02:00
Michael Boelen 06b3cbe529
Reordered items 2020-06-21 12:36:36 +02:00
Simon Biewald 5cd33746a0
add (Open)SSH equivalents to rhost files 
SSH also supports host based authentication. In contrast to the totally
insecure rsh, the hostnames are checked cryptographically. The
authorization checks are still done with the same syntax as with rsh.
In addition to the old rhosts/rlogin (and eqviv) file, SSH adds the
slogin file. This must not be writable as well, as attackers could
elevate their privileges.
 2020-06-20 17:45:34 +02:00
Simon Biewald b7b132721e
check permissions of files used by rsh 
The old rsh (remote shell) grants access to users and hosts in the files
/etc/hosts.equiv and ~/r(login|hosts). If attackers can write to those
files, he can logon as a different user or even root (in case of roots
.r(login|hosts) only) to the system. While the rsh daemon usually checks
for non-root owners or write permissions, this may not be the case on
any system.

Those files might affect other services as well (rlogin, rcp, ...).

As hostnames and usernames are not verified securely, the use of rsh and
similar commands discouraged. It may still be in use on legacy systems
even today, so it should be secured as much as possible if not possible
to remove/replace.
 2020-06-20 17:08:56 +02:00
Alexander L dfb02e4179
Update de 
Sorting
 2020-06-20 14:23:17 +02:00
Alexander L 4a71989d2e
Update en 
Sorting
 2020-06-20 14:20:58 +02:00
Alexander Lackner 6aa63f1c95 Update language files (de, de-AT, en) 2020-06-20 02:12:57 +02:00
Michael Boelen bd29a3e4e7
Updated log 2020-06-19 11:11:47 +02:00
Michael Boelen 57a2ae2b8d
Switch to pre-release 2020-06-19 11:11:37 +02:00
Michael Boelen 6a9e94befb
Reordered items, added Kali Linux, improved exception message 2020-06-19 11:10:22 +02:00
Michael Boelen 05ef9547ae
Release 3.0.0 2020-06-18 12:51:54 +02:00
Michael Boelen 3fa85dd964
Merge pull request #945 from konstruktoid/issue944 
add Fedora EOL, update other releases
 2020-06-18 12:49:15 +02:00
Michael Boelen 3c3c4105b2
Updated log 2020-06-18 12:48:33 +02:00
Michael Boelen 051be09838
Merge pull request #594 from katkad/home_result 
CVE-2020-13882: discovered by Sander Bos, code submission by Katarina Durechova - Store log and data file in home directory for non-privileged usage
 2020-06-18 12:46:42 +02:00
Michael Boelen 3b9eda53cc
CVE-2019-13033 - Discovered by Sander Bos 2020-06-18 12:36:04 +02:00
Thomas Sjögren 78e7ce36af add RHEL 6,7,8 EOL dates 
(cherry picked from commit 6ce0aa41c6)
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2020-06-18 10:15:13 +02:00
Thomas Sjögren 41ad9d380c update all EOL dates to seconds to epoch 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2020-06-16 09:05:55 +02:00
Thomas Sjögren ca6326a12b
Update db/software-eol.db 
Co-authored-by: Jaimie <59117167+Jaimie85@users.noreply.github.com>
 2020-06-15 07:40:57 +00:00