Lucene search
Linux: SSH PermitUserEnvironment
🗓️ 14 Jan 2020 00:00:00Reported by Copyright (C) 2020 Greenbone Networks GmbHType 
openvas🔗 plugins.openvas.org👁 6 Views
The PermitUserEnvironment option allows users to present environment options to the sshdaemon. Permitting users the ability to set environment variables through the SSH daemon could potentially allow users to bypass security controls
Show more
| Source | Link |
|---|---|
| linux | www.linux.die.net/man/5/sshd_config |
# Copyright (C) 2020 Greenbone Networks GmbH
#
# SPDX-License-Identifier: GPL-2.0-or-later
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.150074");
script_version("2022-08-31T10:10:28+0000");
script_tag(name:"last_modification", value:"2022-08-31 10:10:28 +0000 (Wed, 31 Aug 2022)");
script_tag(name:"creation_date", value:"2020-01-14 14:14:36 +0100 (Tue, 14 Jan 2020)");
script_tag(name:"cvss_base", value:"0.0");
script_tag(name:"cvss_base_vector", value:"AV:L/AC:H/Au:S/C:N/I:N/A:N");
script_tag(name:"qod", value:"97");
script_name("Linux: SSH PermitUserEnvironment");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2020 Greenbone Networks GmbH");
script_family("Policy");
script_dependencies("compliance_tests.nasl", "read_sshd_config.nasl");
script_mandatory_keys("Compliance/Launch");
script_add_preference(name:"Value", type:"radio", value:"no;yes", id:1);
script_xref(name:"URL", value:"https://linux.die.net/man/5/sshd_config");
script_xref(name:"Policy", value:"CIS Distribution Independent Linux v2.0.0: 5.2.12 Ensure SSH PermitUserEnvironment is disabled (Scored)");
script_xref(name:"Policy", value:"CIS CentOS Linux 8 Benchmark v1.0.0: 5.2.12 Ensure SSH PermitUserEnvironment is disabled (Scored)");
script_xref(name:"Policy", value:"CIS Controls Version 7: 5.1 Establish Secure Configurations");
script_tag(name:"summary", value:"The PermitUserEnvironment option allows users to present environment options
to the sshdaemon.
Permitting users the ability to set environment variables through the SSH daemon could potentially
allow users to bypass security controls (e.g. setting an execution path that has sshexecuting
trojan'd programs)");
exit(0);
}
include("ssh_func.inc");
include("policy_functions.inc");
cmd = "grep '^PermitUserEnvironment' /etc/ssh/sshd_config";
title = "SSH PermitUserEnvironment";
solution = "Edit the /etc/ssh/sshd_configfile to set the parameter as follows:
PermitUserEnvironment no";
test_type = "SSH_Cmd";
default = script_get_preference("Value", id:1);
if(get_kb_item("Policy/linux/sshd_config/ERROR")){
value = "Error";
compliant = "incomplete";
comment = "Could not read /etc/ssh/sshd_config";
}else{
value = get_kb_item("Policy/linux/sshd_config/permituserenvironment");
compliant = policy_setting_exact_match(value:value, set_point:default);
comment = "";
}
policy_reporting(result:value, default:default, compliant:compliant, fixtext:solution,
type:test_type, test:cmd, info:comment);
policy_set_kbs(type:test_type, cmd:cmd, default:default, solution:solution, title:title,
value:value, compliant:compliant);
exit(0);
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo14 Jan 2020 00:00Current
7.4High risk
Vulners AI Score7.4