Lucene search
SYS.2.2.2.A7
🗓️ 09 Dec 2019 00:00:00Reported by Copyright (C) 2019 Greenbone Networks GmbHType 
openvas🔗 plugins.openvas.org👁 8 Views
This program is distributed under the terms of the GNU General Public License and aims to protect information processed on Windows 8.1 clients by ensuring the activation and configuration of the Windows User Account Control (UAC)
Show more
# Copyright (C) 2019 Greenbone Networks GmbH
#
# SPDX-License-Identifier: GPL-2.0-or-later
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.109993");
script_version("2021-04-16T06:57:08+0000");
script_tag(name:"last_modification", value:"2021-04-16 06:57:08 +0000 (Fri, 16 Apr 2021)");
script_tag(name:"creation_date", value:"2019-12-09 09:12:10 +0100 (Mon, 09 Dec 2019)");
script_tag(name:"cvss_base", value:"0.0");
script_tag(name:"cvss_base_vector", value:"AV:L/AC:H/Au:S/C:N/I:N/A:N");
script_tag(name:"qod", value:"97");
script_name("SYS.2.2.2.A7");
script_xref(name:"URL", value:"https://www.bsi.bund.de/DE/Themen/ITGrundschutz/ITGrundschutzKompendium/bausteine/SYS/SYS_2_2_2_Clients_unter_Windows_8_1.html");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2019 Greenbone Networks GmbH");
script_family("IT-Grundschutz");
script_mandatory_keys("Compliance/Launch/GSHB-ITG");
script_dependencies("smb_reg_service_pack.nasl", "os_detection.nasl",
"Policy/WindowsGeneral/UserAccountControl/win_uac_behavior_elevation_prompt_users.nasl",
"Policy/WindowsGeneral/UserAccountControl/win_uac_behaviour_elevation_prompt_admin.nasl",
"Policy/WindowsGeneral/UserAccountControl/win_uac_admin_approval_mode.nasl",
"Policy/WindowsGeneral/UserAccountControl/win_uac_all_admins_approval_mode.nasl",
"Policy/WindowsGeneral/UserAccountControl/win_uac_sec_desktop_when_prompt.nasl");
script_tag(name:"summary", value:"Ziel des Bausteins SYS.2.2.2 ist der Schutz von Informationen,
die durch und auf Windows 8.1-Clients verarbeiten werden.
Die Standard-Anforderung 'A7: Einsatz der Windows-Benutzerkontensteuerung UAC' beschreibt, dass UAC
aktiviert und konfiguriert sein sollte.");
exit(0);
}
include("itg.inc");
include("policy_functions.inc");
include("host_details.inc");
include("os_func.inc");
if (!itg_start_requirement(level:"Standard"))
exit(0);
title = "Einsatz der Windows-Benutzerkontensteuerung UAC";
desc = "Folgende Einstellungen werden getestet:
Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/User Account Control: Behavior of the elevation prompt for standard users,
Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode,
Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/User Account Control: Admin Approval Mode for the Built-in Administrator account,
Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/User Account Control: Run all administrators in Admin Approval Mode,
Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/User Account Control: Switch to the secure desktop when prompting for elevation";
oid_list = make_list("1.3.6.1.4.1.25623.1.0.109244",
"1.3.6.1.4.1.25623.1.0.109243",
"1.3.6.1.4.1.25623.1.0.109241",
"1.3.6.1.4.1.25623.1.0.109247",
"1.3.6.1.4.1.25623.1.0.109248");
if (os_host_runs("windows_8.1") != "yes"){
result = itg_result_wrong_target();
desc = itg_desc_wrong_target();
itg_set_kb_entries(result:result, desc:desc, title:title, id:"SYS.2.2.2.A7");
exit(0);
}
results_list = itg_get_policy_control_result(oid_list:oid_list);
result = itg_translate_result(compliant:results_list["compliant"]);
# Create report matching Greenbone Compliance Report requirements
report = policy_build_report(result:"MULTIPLE", default:"MULTIPLE", compliant:results_list["compliant"],
fixtext:results_list["solutions"], type:"MULTIPLE", test:results_list["tests"], info:results_list["notes"]);
itg_set_kb_entries(result:result, desc:desc, title:title, id:"SYS.2.2.2.A7");
itg_report(report:report);
exit(0);Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo09 Dec 2019 00:00Current
7.3High risk
Vulners AI Score7.3