tyler.durden/lynis
1
0
Fork 0
mirror of https://github.com/CISOfy/lynis.git synced 2025-07-30 09:14:18 +02:00
Code Issues Packages Projects Releases Wiki Activity
2,960 Commits 2 Branches 64 Tags
Commit Graph

2960 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Simon Biewald
b7b132721e
check permissions of files used by rsh 
The old rsh (remote shell) grants access to users and hosts in the files
/etc/hosts.equiv and ~/r(login|hosts). If attackers can write to those
files, he can logon as a different user or even root (in case of roots
.r(login|hosts) only) to the system. While the rsh daemon usually checks
for non-root owners or write permissions, this may not be the case on
any system.

Those files might affect other services as well (rlogin, rcp, ...).

As hostnames and usernames are not verified securely, the use of rsh and
similar commands discouraged. It may still be in use on legacy systems
even today, so it should be secured as much as possible if not possible
to remove/replace.
 2020-06-20 17:08:56 +02:00
Michael Boelen
bd29a3e4e7
Updated log 2020-06-19 11:11:47 +02:00
Michael Boelen
57a2ae2b8d
Switch to pre-release 2020-06-19 11:11:37 +02:00
Michael Boelen
6a9e94befb
Reordered items, added Kali Linux, improved exception message 2020-06-19 11:10:22 +02:00
Michael Boelen
05ef9547ae
Release 3.0.0 3.0.0 2020-06-18 12:51:54 +02:00
Michael Boelen
3fa85dd964
Merge pull request #945 from konstruktoid/issue944 
add Fedora EOL, update other releases
 2020-06-18 12:49:15 +02:00
Michael Boelen
3c3c4105b2
Updated log 2020-06-18 12:48:33 +02:00
Michael Boelen
051be09838
Merge pull request #594 from katkad/home_result 
CVE-2020-13882: discovered by Sander Bos, code submission by Katarina Durechova - Store log and data file in home directory for non-privileged usage
 2020-06-18 12:46:42 +02:00
Michael Boelen
3b9eda53cc
CVE-2019-13033 - Discovered by Sander Bos 2020-06-18 12:36:04 +02:00
Thomas Sjögren
78e7ce36af add RHEL 6,7,8 EOL dates 
(cherry picked from commit 6ce0aa41c64f8146716de25d613e66cf53f08b0e)
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2020-06-18 10:15:13 +02:00
Thomas Sjögren
41ad9d380c update all EOL dates to seconds to epoch 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2020-06-16 09:05:55 +02:00
Thomas Sjögren
ca6326a12b
Update db/software-eol.db 
Co-authored-by: Jaimie <59117167+Jaimie85@users.noreply.github.com>
 2020-06-15 07:40:57 +00:00
Thomas Sjögren
b3e1fc67c8 add Fedora EOL, update other releases 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2020-06-15 01:35:00 +02:00
Michael Boelen
2398c74783
Merge pull request #941 from iain-cuthbertson-siftware/bugfix/allow-mixed-case-hostnames 
Adds uppercase option to the hostname validation regex
 2020-06-02 18:50:35 +02:00
Michael Boelen
3d7de495cc
Updated log 2020-06-02 16:34:42 +02:00
Michael Boelen
05ea9f873d
[FILE-6330] corrected description 2020-06-02 16:34:35 +02:00
Iain Cuthbertson
0b8c775a01 Adds uppercase option to the hostname validation regex 2020-06-02 15:33:32 +01:00
Michael Boelen
b285623ac2
Remove double space 2020-06-02 16:30:43 +02:00
Michael Boelen
9fdfc062dd
Add Gentoo 2020-06-02 14:09:49 +02:00
Michael Boelen
96659e61eb
Merge pull request #929 from Jaimie85/update-NL-language 
Update & sort NL language
 2020-05-21 16:03:25 +02:00
Jaimie
f072f808a2
Update nl 2020-05-20 15:41:46 +02:00
Michael Boelen
3c04c6b394
Merge pull request #927 from danielf-5/master 
Minor edits
 2020-05-16 15:35:47 +02:00
Daniel Fernandez
be4fdb8bc4
Update CONTRIBUTING.md 2020-05-15 23:59:59 -05:00
Daniel Fernandez
b74977db53
Update HAPPY_USERS.md 2020-05-15 23:57:31 -05:00
Daniel Fernandez
859298cc2a
Update README.md 2020-05-15 23:56:43 -05:00
Michael Boelen
11cfa7c18d
Merge pull request #925 from ajshastri/master 
Added OS detection for Oracle Linux
 2020-05-15 11:30:33 +02:00
Aditya Shastri
2b0a0ba2e1 Addedd OS detection for Oracle Linux 2020-05-14 20:51:11 -07:00
Michael Boelen
e410d68ce6
Merge pull request #912 from konstruktoid/fileperms 
accept more restrictive file permissions
 2020-05-07 08:53:26 +02:00
Thomas Sjögren
51dfc34663 accept more restrictive file permissions 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2020-04-22 10:34:58 +02:00
Michael Boelen
ce3c80b44f
Merge pull request #883 from topimiettinen/check-encrypted-swap-devices 
Check if system uses encrypted swap devices
 2020-04-12 16:22:22 +02:00
Michael Boelen
a166691199
Merge pull request #882 from topimiettinen/check-package-certificates 
[CRYP-7902] Check also certificates provided by packages
 2020-04-09 11:01:39 +02:00
Michael Boelen
1163648d89
Merge pull request #896 from Schmuuu/feature/raspi-detect-required-reboot 
extended test KRNL-5830 to detect required reboots on Raspbian
 2020-04-09 09:58:48 +02:00
Michael Boelen
0019cf3297
Merge pull request #904 from bginsbach/krnl-5677 
KRNL-5677 use platform instead of preqs-met
 2020-04-09 09:55:28 +02:00
Brian Ginsbach
95b1ae044b KRNL-5677 use platform instead of preqs-met 2020-04-08 15:55:45 -05:00
Michael Boelen
110cc5a264
Merge pull request #903 from church1e/master 
[CRYP-7902] Fixes issue #902
 2020-04-08 14:20:05 +02:00
Martin Churchill
e4d491d574
[CRYP-7902] Fixes issue #902 
[CRYP-7902] Checks for SSL_CERTIFICATE_PATHS_TO_IGNORE fails to ignore sub-directories #902
 2020-04-08 10:02:18 +01:00
Michael Boelen
be75a089a7
[PROC-3802] added package manager routine as dependency 2020-04-07 10:53:39 +02:00
Michael Boelen
c368846a08
Added support to require a detected and known package manager 2020-04-06 20:47:45 +02:00
Michael Boelen
798f5322f6
Updated log 2020-04-06 16:23:31 +02:00
Michael Boelen
eb8a490a4a
Merge pull request #901 from 0xD503/ru-lang 
Add Russian translation
 2020-04-06 16:22:12 +02:00
0xD503
49549f9155 Added Russian translation 
Added Russian localization
 2020-04-05 22:01:29 +01:00
Michael Boelen
9da0665929
[NETW-2400] Improved logging 2020-04-04 15:56:00 +02:00
Michael Boelen
032bb6988e
Added new test NETW-2400 2020-04-04 15:28:04 +02:00
Michael Boelen
4680f94d11
[NETW-2706] allow usage of systemd-resolve and resolvectl, improved screen output and logging 2020-04-03 14:02:52 +02:00
Michael Boelen
235dbd3805
Updated log 2020-04-03 09:50:03 +02:00
Michael Boelen
5288479296
Merge pull request #899 from bginsbach/auth-9218 
AUTH-9218 Improvements
 2020-04-03 09:48:39 +02:00
Michael Boelen
e2ad71ffe5
Updated log 2020-04-03 09:46:56 +02:00
Michael Boelen
f92fe4e03f
Merge pull request #898 from bginsbach/auth-9268 
AUTH-9268 Add DragonFly
 2020-04-03 09:45:21 +02:00
Michael Boelen
84fb16fa9e
Merge branch 'master' of https://github.com/CISOfy/lynis 2020-04-03 09:40:55 +02:00
Michael Boelen
f25ffdbb1f
[NETW-2706] redirect errors to stderr 2020-04-03 09:40:30 +02:00