Search...

Test System if NIS Server ore Client installed

2010-05-07T00:00:00

ID OPENVAS:136141256231096102
Type openvas
Reporter Copyright (C) 2010 Greenbone Networks GmbH
Modified 2020-03-30T00:00:00

Description

Test System if NIS Server or Client are installed.

                                        
                                            ###############################################################################
# OpenVAS Vulnerability Test
#
# Test System if NIS Server ore Client installed
#
# Authors:
# Thomas Rotter &lt;T.Rotter@dn-systems.de&gt;
#
# Copyright:
# Copyright (C) 2010 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.96102");
  script_version("2020-03-30T06:54:10+0000");
  script_tag(name:"last_modification", value:"2020-03-30 06:54:10 +0000 (Mon, 30 Mar 2020)");
  script_tag(name:"creation_date", value:"2010-05-07 15:05:51 +0200 (Fri, 07 May 2010)");
  script_tag(name:"cvss_base", value:"0.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:N");
  script_name("Test System if NIS Server ore Client installed");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2010 Greenbone Networks GmbH");
  script_family("IT-Grundschutz");
  script_dependencies("compliance_tests.nasl", "gather-package-list.nasl", "smb_nativelanman.nasl", "netbios_name_get.nasl");
  script_mandatory_keys("Compliance/Launch/GSHB");

  script_tag(name:"summary", value:"Test System if NIS Server or Client are installed.");

  script_tag(name:"qod_type", value:"package");

  exit(0);
}

include("ssh_func.inc");
include("misc_func.inc");
include("smb_nt.inc");

port = get_preference("auth_port_ssh");
if(!port)
  port = ssh_get_port(default:22, ignore_unscanned:TRUE);

sock = ssh_login_or_reuse_connection();
if(!sock) {
    error = ssh_get_error();
    if (!error) error = "No SSH Port or Connection!";
    log_message(port:port, data:error);
    set_kb_item(name: "GSHB/NIS/server", value:"error");
    set_kb_item(name: "GSHB/NIS/client", value:"error");
    set_kb_item(name: "GSHB/NIS/ypbind", value:"error");
    set_kb_item(name: "GSHB/NIS/ypserv", value:"error");
    set_kb_item(name: "GSHB/NIS/NisPlusUserwopw", value:"error");
    set_kb_item(name: "GSHB/NIS/NisPlusGenUserwopw", value:"error");
    set_kb_item(name: "GSHB/NIS/NisPlusUserwpw", value:"error");
    set_kb_item(name: "GSHB/NIS/NisPlusGenUserwpw", value:"error");
    set_kb_item(name: "GSHB/NIS/LocalUID0", value:"error");
    set_kb_item(name: "GSHB/NIS/NisPlusGroupwopw", value:"error");
    set_kb_item(name: "GSHB/NIS/NisPlusGenGroupwopw", value:"error");
    set_kb_item(name: "GSHB/NIS/NisPlusGroupwpw", value:"error");
    set_kb_item(name: "GSHB/NIS/NisPlusGenGroupwpw", value:"error");
    set_kb_item(name: "GSHB/NIS/hostsdeny", value:"error");
    set_kb_item(name: "GSHB/NIS/hostsallow", value:"error");
    set_kb_item(name: "GSHB/NIS/securenets", value:"error");
    set_kb_item(name: "GSHB/NIS/log", value:error);
    exit(0);
}
SAMBA = kb_smb_is_samba();
SSHUNAME = get_kb_item("ssh/login/uname");

if (SAMBA || (SSHUNAME && ("command not found" &gt;!&lt; SSHUNAME && "CYGWIN" &gt;!&lt; SSHUNAME))){
  rpms = get_kb_item("ssh/login/packages");

  if (rpms){
    pkg1 = "nis";
    pkg2 = "yp-tools";
    pkg3 = "ypbind";
    pkg4 = "ypserv";
    pkg5 = "rpcbind";
    pkg6 = "portmap";

    pat1 = string("ii  (", pkg1, ") +([0-9]:)?([^ ]+)");
    pat2 = string("ii  (", pkg2, ") +([0-9]:)?([^ ]+)");
    pat3 = string("ii  (", pkg3, ") +([0-9]:)?([^ ]+)");
    pat4 = string("ii  (", pkg4, ") +([0-9]:)?([^ ]+)");
    pat5 = string("ii  (", pkg5, ") +([0-9]:)?([^ ]+)");
    pat6 = string("ii  (", pkg6, ") +([0-9]:)?([^ ]+)");
    desc1 = eregmatch(pattern:pat1, string:rpms);
    desc2 = eregmatch(pattern:pat2, string:rpms);
    desc3 = eregmatch(pattern:pat3, string:rpms);
    desc4 = eregmatch(pattern:pat4, string:rpms);
    desc5 = eregmatch(pattern:pat5, string:rpms);
    desc6 = eregmatch(pattern:pat6, string:rpms);
  }else{

    rpms = get_kb_item("ssh/login/rpms");

    tmp = split(rpms, keep:0);

    if (max_index(tmp) &lt;= 1)rpms = ereg_replace(string:rpms, pattern:";", replace:'\n');

    pkg1 = "nis";
    pkg2 = "yp-tools";
    pkg3 = "ypbind";
    pkg4 = "ypserv";
    pkg5 = "rpcbind";
    pkg6 = "portmap";

    pat1 = string("(", pkg1, ")~([0-9a-zA-Z/.-_/+]+)~([0-9a-zA-Z/.-_]+)");
    pat2 = string("(", pkg2, ")~([0-9a-zA-Z/.-_/+]+)~([0-9a-zA-Z/.-_]+)");
    pat3 = string("(", pkg3, ")~([0-9a-zA-Z/.-_/+]+)~([0-9a-zA-Z/.-_]+)");
    pat4 = string("(", pkg4, ")~([0-9a-zA-Z/.-_/+]+)~([0-9a-zA-Z/.-_]+)");
    pat5 = string("(", pkg5, ")~([0-9a-zA-Z/.-_/+]+)~([0-9a-zA-Z/.-_]+)");
    pat6 = string("(", pkg6, ")~([0-9a-zA-Z/.-_/+]+)~([0-9a-zA-Z/.-_]+)");
    desc1 = eregmatch(pattern:pat1, string:rpms);
    desc2 = eregmatch(pattern:pat2, string:rpms);
    desc3 = eregmatch(pattern:pat3, string:rpms);
    desc4 = eregmatch(pattern:pat4, string:rpms);
    desc5 = eregmatch(pattern:pat5, string:rpms);
    desc6 = eregmatch(pattern:pat6, string:rpms);
  }


  if (desc1 || desc4) nisserver = "yes";
  else nisserver = "no";
  if ((desc1 && (desc5 || desc6)) || (desc2 && desc3 && (desc5 || desc6))) nisclient = "yes";
  else nisclient = "no";

  passwd = ssh_cmd(socket:sock, cmd:"cat /etc/passwd");
  group = ssh_cmd(socket:sock, cmd:"cat /etc/group");

  ypbind = ssh_cmd(socket:sock, cmd:"ps -C ypbind");
  if ("bash: /bin/ps:" &gt;!&lt; ypbind){
    Lst = split(ypbind, keep:0);
    if ("ypbind" &gt;&lt; Lst[1]) ypbind = "yes";
    else ypbind = "no";
  }else{
    ypbind = ssh_cmd(socket:sock, cmd:"rpcinfo -u localhost ypbind");
    if ("is not available" &gt;&lt; ypbind || "ist nicht verfügbar" &gt;&lt; ypbind) ypbind = "no";
    if ("ready and waiting" &gt;&lt; ypbind || "ist bereit und wartet" &gt;&lt; ypbind) ypbind = "yes";
    else ypbind = "unknown";
  }

  ypserv = ssh_cmd(socket:sock, cmd:"ps -C ypserv");
  if ("bash: /bin/ps:" &gt;!&lt; ypserv){
    Lst = split(ypserv, keep:0);
    if ("ypserv" &gt;&lt; Lst[1]) ypserv = "yes";
    else ypserv = "no";
  }else{
    ypserv = ssh_cmd(socket:sock, cmd:"rpcinfo -u localhost ypserv");
    if ("is not available" &gt;&lt; ypserv || "ist nicht verfügbar" &gt;&lt; ypserv) ypserv = "no";
    if ("ready and waiting" &gt;&lt; ypserv || "ist bereit und wartet" &gt;&lt; ypserv) ypserv = "yes";
    else ypserv = "unknown";
  }
}
else{
  nisserver = "windows";
  nisclient = "windows";
}


Lst = split(passwd, keep:0);
for(i=0; i&lt;max_index(Lst); i++){
  if ("+::0:0:::" &gt;&lt; Lst[i]) NisPlusUserwopw = "yes";
  if ("+::::::" &gt;&lt; Lst[i]) NisPlusGenUserwopw = "yes";
  if ("+:*:0:0:::" &gt;&lt; Lst[i]) NisPlusUserwpw = "yes";
  if ("+:*:::::" &gt;&lt; Lst[i]) NisPlusGenUserwpw = "yes";
  if (Lst[i] =~ "^\+.*:.*:0:0:.*:.*:.*") userval = "yes";
  else  if (Lst[i] =~ "^\+.*::0:0:.*:.*:.*") userval = "yes";
  if (Lst[i] =~ "^[^\+]*:.*:0:0:.*:.*:.*") {
    if (userval != "yes") LocalUID0 = "first";
    else LocalUID0 = "not first";
  }
}
Lst = split(group, keep:0);
for(i=0; i&lt;max_index(Lst); i++){
  if ("+::0:" &gt;&lt; Lst[i]) NisPlusGroupwopw = "yes";
  if ("+:::" &gt;&lt; Lst[i]) NisPlusGenGroupwopw = "yes";
  if ("+:*:0:" &gt;&lt; Lst[i]) NisPlusGroupwpw = "yes";
  if ("+:*::" &gt;&lt; Lst[i]) NisPlusGenGroupwpw = "yes";
}

  securenets = ssh_cmd(socket:sock, cmd:"grep -v '^#' /etc/ypserv.securenets");
  hostsdeny = ssh_cmd(socket:sock, cmd:"grep -v '^#' /etc/hosts.deny | grep ypserv:");
  hostsallow = ssh_cmd(socket:sock, cmd:"grep -v '^#' /etc/hosts.allow | grep ypserv:");

  if (!hostsdeny || hostsdeny == "")hostsdeny = "noentry";
  if (!hostsallow || hostsallow == "")hostsallow = "noentry";
  if ("0.0.0.0" &gt;&lt; securenets){
    Lst = split(securenets, keep:0);
    for(i=0; i&lt;max_index(Lst); i++){
      if (Lst[i] =~ "(#).*(0\.0\.0\.0.*0\.0\.0\.0)")continue;
      if (Lst[i] =~ ".*(0\.0\.0\.0.*0\.0\.0\.0)") securenetsval = "everybody";
    }
  }


if (!NisPlusUserwopw) NisPlusUserwopw = "no";
if (!NisPlusGenUserwopw) NisPlusGenUserwopw = "no";
if (!NisPlusUserwpw) NisPlusUserwpw = "no";
if (!NisPlusGenUserwpw) NisPlusGenUserwpw = "no";
if (!NisPlusUserwpw) NisPlusUserwpw = "no";
if (!NisPlusGroupwopw) NisPlusGroupwopw = "no";
if (!NisPlusGenGroupwopw) NisPlusGenGroupwopw = "no";
if (!NisPlusGroupwpw) NisPlusGroupwpw = "no";
if (!NisPlusGenGroupwpw) NisPlusGenGroupwpw = "no";
if (!LocalUID0) LocalUID0 = "no";
if (!securenetsval) securenetsval = "none";

set_kb_item(name: "GSHB/NIS/server", value:nisserver);
set_kb_item(name: "GSHB/NIS/client", value:nisclient);
set_kb_item(name: "GSHB/NIS/ypbind", value:ypbind);
set_kb_item(name: "GSHB/NIS/ypserv", value:ypserv);
set_kb_item(name: "GSHB/NIS/NisPlusUserwopw", value:NisPlusUserwopw);
set_kb_item(name: "GSHB/NIS/NisPlusGenUserwopw", value:NisPlusGenUserwopw);
set_kb_item(name: "GSHB/NIS/NisPlusUserwpw", value:NisPlusUserwpw);
set_kb_item(name: "GSHB/NIS/NisPlusGenUserwpw", value:NisPlusGenUserwpw);
set_kb_item(name: "GSHB/NIS/LocalUID0", value:LocalUID0);
set_kb_item(name: "GSHB/NIS/NisPlusGroupwopw", value:NisPlusGroupwopw);
set_kb_item(name: "GSHB/NIS/NisPlusGenGroupwopw", value:NisPlusGenGroupwpw);
set_kb_item(name: "GSHB/NIS/NisPlusGroupwpw", value:NisPlusGroupwpw);
set_kb_item(name: "GSHB/NIS/NisPlusGenGroupwpw", value:NisPlusGenGroupwpw);
set_kb_item(name: "GSHB/NIS/hostsdeny", value:hostsdeny);
set_kb_item(name: "GSHB/NIS/hostsallow", value:hostsallow);
set_kb_item(name: "GSHB/NIS/securenets", value:securenetsval);
exit(0);

JSON Vulners Source

Initial Source

{"id": "OPENVAS:136141256231096102", "type": "openvas", "bulletinFamily": "scanner", "title": "Test System if NIS Server ore Client installed", "description": "Test System if NIS Server or Client are installed.", "published": "2010-05-07T00:00:00", "modified": "2020-03-30T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "http://plugins.openvas.org/nasl.php?oid=136141256231096102", "reporter": "Copyright (C) 2010 Greenbone Networks GmbH", "references": [], "cvelist": [], "lastseen": "2020-03-31T16:38:31", "viewCount": 1, "enchantments": {"dependencies": {"references": [], "modified": "2020-03-31T16:38:31", "rev": 2}, "score": {"value": -0.1, "vector": "NONE", "modified": "2020-03-31T16:38:31", "rev": 2}, "vulnersScore": -0.1}, "pluginID": "136141256231096102", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Test System if NIS Server ore Client installed\n#\n# Authors:\n# Thomas Rotter <T.Rotter@dn-systems.de>\n#\n# Copyright:\n# Copyright (C) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.96102\");\n script_version(\"2020-03-30T06:54:10+0000\");\n script_tag(name:\"last_modification\", value:\"2020-03-30 06:54:10 +0000 (Mon, 30 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2010-05-07 15:05:51 +0200 (Fri, 07 May 2010)\");\n script_tag(name:\"cvss_base\", value:\"0.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:N\");\n script_name(\"Test System if NIS Server ore Client installed\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2010 Greenbone Networks GmbH\");\n script_family(\"IT-Grundschutz\");\n script_dependencies(\"compliance_tests.nasl\", \"gather-package-list.nasl\", \"smb_nativelanman.nasl\", \"netbios_name_get.nasl\");\n script_mandatory_keys(\"Compliance/Launch/GSHB\");\n\n script_tag(name:\"summary\", value:\"Test System if NIS Server or Client are installed.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"ssh_func.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"smb_nt.inc\");\n\nport = get_preference(\"auth_port_ssh\");\nif(!port)\n port = ssh_get_port(default:22, ignore_unscanned:TRUE);\n\nsock = ssh_login_or_reuse_connection();\nif(!sock) {\n error = ssh_get_error();\n if (!error) error = \"No SSH Port or Connection!\";\n log_message(port:port, data:error);\n set_kb_item(name: \"GSHB/NIS/server\", value:\"error\");\n set_kb_item(name: \"GSHB/NIS/client\", value:\"error\");\n set_kb_item(name: \"GSHB/NIS/ypbind\", value:\"error\");\n set_kb_item(name: \"GSHB/NIS/ypserv\", value:\"error\");\n set_kb_item(name: \"GSHB/NIS/NisPlusUserwopw\", value:\"error\");\n set_kb_item(name: \"GSHB/NIS/NisPlusGenUserwopw\", value:\"error\");\n set_kb_item(name: \"GSHB/NIS/NisPlusUserwpw\", value:\"error\");\n set_kb_item(name: \"GSHB/NIS/NisPlusGenUserwpw\", value:\"error\");\n set_kb_item(name: \"GSHB/NIS/LocalUID0\", value:\"error\");\n set_kb_item(name: \"GSHB/NIS/NisPlusGroupwopw\", value:\"error\");\n set_kb_item(name: \"GSHB/NIS/NisPlusGenGroupwopw\", value:\"error\");\n set_kb_item(name: \"GSHB/NIS/NisPlusGroupwpw\", value:\"error\");\n set_kb_item(name: \"GSHB/NIS/NisPlusGenGroupwpw\", value:\"error\");\n set_kb_item(name: \"GSHB/NIS/hostsdeny\", value:\"error\");\n set_kb_item(name: \"GSHB/NIS/hostsallow\", value:\"error\");\n set_kb_item(name: \"GSHB/NIS/securenets\", value:\"error\");\n set_kb_item(name: \"GSHB/NIS/log\", value:error);\n exit(0);\n}\nSAMBA = kb_smb_is_samba();\nSSHUNAME = get_kb_item(\"ssh/login/uname\");\n\nif (SAMBA || (SSHUNAME && (\"command not found\" >!< SSHUNAME && \"CYGWIN\" >!< SSHUNAME))){\n rpms = get_kb_item(\"ssh/login/packages\");\n\n if (rpms){\n pkg1 = \"nis\";\n pkg2 = \"yp-tools\";\n pkg3 = \"ypbind\";\n pkg4 = \"ypserv\";\n pkg5 = \"rpcbind\";\n pkg6 = \"portmap\";\n\n pat1 = string(\"ii (\", pkg1, \") +([0-9]:)?([^ ]+)\");\n pat2 = string(\"ii (\", pkg2, \") +([0-9]:)?([^ ]+)\");\n pat3 = string(\"ii (\", pkg3, \") +([0-9]:)?([^ ]+)\");\n pat4 = string(\"ii (\", pkg4, \") +([0-9]:)?([^ ]+)\");\n pat5 = string(\"ii (\", pkg5, \") +([0-9]:)?([^ ]+)\");\n pat6 = string(\"ii (\", pkg6, \") +([0-9]:)?([^ ]+)\");\n desc1 = eregmatch(pattern:pat1, string:rpms);\n desc2 = eregmatch(pattern:pat2, string:rpms);\n desc3 = eregmatch(pattern:pat3, string:rpms);\n desc4 = eregmatch(pattern:pat4, string:rpms);\n desc5 = eregmatch(pattern:pat5, string:rpms);\n desc6 = eregmatch(pattern:pat6, string:rpms);\n }else{\n\n rpms = get_kb_item(\"ssh/login/rpms\");\n\n tmp = split(rpms, keep:0);\n\n if (max_index(tmp) <= 1)rpms = ereg_replace(string:rpms, pattern:\";\", replace:'\\n');\n\n pkg1 = \"nis\";\n pkg2 = \"yp-tools\";\n pkg3 = \"ypbind\";\n pkg4 = \"ypserv\";\n pkg5 = \"rpcbind\";\n pkg6 = \"portmap\";\n\n pat1 = string(\"(\", pkg1, \")~([0-9a-zA-Z/.-_/+]+)~([0-9a-zA-Z/.-_]+)\");\n pat2 = string(\"(\", pkg2, \")~([0-9a-zA-Z/.-_/+]+)~([0-9a-zA-Z/.-_]+)\");\n pat3 = string(\"(\", pkg3, \")~([0-9a-zA-Z/.-_/+]+)~([0-9a-zA-Z/.-_]+)\");\n pat4 = string(\"(\", pkg4, \")~([0-9a-zA-Z/.-_/+]+)~([0-9a-zA-Z/.-_]+)\");\n pat5 = string(\"(\", pkg5, \")~([0-9a-zA-Z/.-_/+]+)~([0-9a-zA-Z/.-_]+)\");\n pat6 = string(\"(\", pkg6, \")~([0-9a-zA-Z/.-_/+]+)~([0-9a-zA-Z/.-_]+)\");\n desc1 = eregmatch(pattern:pat1, string:rpms);\n desc2 = eregmatch(pattern:pat2, string:rpms);\n desc3 = eregmatch(pattern:pat3, string:rpms);\n desc4 = eregmatch(pattern:pat4, string:rpms);\n desc5 = eregmatch(pattern:pat5, string:rpms);\n desc6 = eregmatch(pattern:pat6, string:rpms);\n }\n\n\n if (desc1 || desc4) nisserver = \"yes\";\n else nisserver = \"no\";\n if ((desc1 && (desc5 || desc6)) || (desc2 && desc3 && (desc5 || desc6))) nisclient = \"yes\";\n else nisclient = \"no\";\n\n passwd = ssh_cmd(socket:sock, cmd:\"cat /etc/passwd\");\n group = ssh_cmd(socket:sock, cmd:\"cat /etc/group\");\n\n ypbind = ssh_cmd(socket:sock, cmd:\"ps -C ypbind\");\n if (\"bash: /bin/ps:\" >!< ypbind){\n Lst = split(ypbind, keep:0);\n if (\"ypbind\" >< Lst[1]) ypbind = \"yes\";\n else ypbind = \"no\";\n }else{\n ypbind = ssh_cmd(socket:sock, cmd:\"rpcinfo -u localhost ypbind\");\n if (\"is not available\" >< ypbind || \"ist nicht verf\u00fcgbar\" >< ypbind) ypbind = \"no\";\n if (\"ready and waiting\" >< ypbind || \"ist bereit und wartet\" >< ypbind) ypbind = \"yes\";\n else ypbind = \"unknown\";\n }\n\n ypserv = ssh_cmd(socket:sock, cmd:\"ps -C ypserv\");\n if (\"bash: /bin/ps:\" >!< ypserv){\n Lst = split(ypserv, keep:0);\n if (\"ypserv\" >< Lst[1]) ypserv = \"yes\";\n else ypserv = \"no\";\n }else{\n ypserv = ssh_cmd(socket:sock, cmd:\"rpcinfo -u localhost ypserv\");\n if (\"is not available\" >< ypserv || \"ist nicht verf\u00fcgbar\" >< ypserv) ypserv = \"no\";\n if (\"ready and waiting\" >< ypserv || \"ist bereit und wartet\" >< ypserv) ypserv = \"yes\";\n else ypserv = \"unknown\";\n }\n}\nelse{\n nisserver = \"windows\";\n nisclient = \"windows\";\n}\n\n\nLst = split(passwd, keep:0);\nfor(i=0; i<max_index(Lst); i++){\n if (\"+::0:0:::\" >< Lst[i]) NisPlusUserwopw = \"yes\";\n if (\"+::::::\" >< Lst[i]) NisPlusGenUserwopw = \"yes\";\n if (\"+:*:0:0:::\" >< Lst[i]) NisPlusUserwpw = \"yes\";\n if (\"+:*:::::\" >< Lst[i]) NisPlusGenUserwpw = \"yes\";\n if (Lst[i] =~ \"^\\+.*:.*:0:0:.*:.*:.*\") userval = \"yes\";\n else if (Lst[i] =~ \"^\\+.*::0:0:.*:.*:.*\") userval = \"yes\";\n if (Lst[i] =~ \"^[^\\+]*:.*:0:0:.*:.*:.*\") {\n if (userval != \"yes\") LocalUID0 = \"first\";\n else LocalUID0 = \"not first\";\n }\n}\nLst = split(group, keep:0);\nfor(i=0; i<max_index(Lst); i++){\n if (\"+::0:\" >< Lst[i]) NisPlusGroupwopw = \"yes\";\n if (\"+:::\" >< Lst[i]) NisPlusGenGroupwopw = \"yes\";\n if (\"+:*:0:\" >< Lst[i]) NisPlusGroupwpw = \"yes\";\n if (\"+:*::\" >< Lst[i]) NisPlusGenGroupwpw = \"yes\";\n}\n\n securenets = ssh_cmd(socket:sock, cmd:\"grep -v '^#' /etc/ypserv.securenets\");\n hostsdeny = ssh_cmd(socket:sock, cmd:\"grep -v '^#' /etc/hosts.deny | grep ypserv:\");\n hostsallow = ssh_cmd(socket:sock, cmd:\"grep -v '^#' /etc/hosts.allow | grep ypserv:\");\n\n if (!hostsdeny || hostsdeny == \"\")hostsdeny = \"noentry\";\n if (!hostsallow || hostsallow == \"\")hostsallow = \"noentry\";\n if (\"0.0.0.0\" >< securenets){\n Lst = split(securenets, keep:0);\n for(i=0; i<max_index(Lst); i++){\n if (Lst[i] =~ \"(#).*(0\\.0\\.0\\.0.*0\\.0\\.0\\.0)\")continue;\n if (Lst[i] =~ \".*(0\\.0\\.0\\.0.*0\\.0\\.0\\.0)\") securenetsval = \"everybody\";\n }\n }\n\n\nif (!NisPlusUserwopw) NisPlusUserwopw = \"no\";\nif (!NisPlusGenUserwopw) NisPlusGenUserwopw = \"no\";\nif (!NisPlusUserwpw) NisPlusUserwpw = \"no\";\nif (!NisPlusGenUserwpw) NisPlusGenUserwpw = \"no\";\nif (!NisPlusUserwpw) NisPlusUserwpw = \"no\";\nif (!NisPlusGroupwopw) NisPlusGroupwopw = \"no\";\nif (!NisPlusGenGroupwopw) NisPlusGenGroupwopw = \"no\";\nif (!NisPlusGroupwpw) NisPlusGroupwpw = \"no\";\nif (!NisPlusGenGroupwpw) NisPlusGenGroupwpw = \"no\";\nif (!LocalUID0) LocalUID0 = \"no\";\nif (!securenetsval) securenetsval = \"none\";\n\nset_kb_item(name: \"GSHB/NIS/server\", value:nisserver);\nset_kb_item(name: \"GSHB/NIS/client\", value:nisclient);\nset_kb_item(name: \"GSHB/NIS/ypbind\", value:ypbind);\nset_kb_item(name: \"GSHB/NIS/ypserv\", value:ypserv);\nset_kb_item(name: \"GSHB/NIS/NisPlusUserwopw\", value:NisPlusUserwopw);\nset_kb_item(name: \"GSHB/NIS/NisPlusGenUserwopw\", value:NisPlusGenUserwopw);\nset_kb_item(name: \"GSHB/NIS/NisPlusUserwpw\", value:NisPlusUserwpw);\nset_kb_item(name: \"GSHB/NIS/NisPlusGenUserwpw\", value:NisPlusGenUserwpw);\nset_kb_item(name: \"GSHB/NIS/LocalUID0\", value:LocalUID0);\nset_kb_item(name: \"GSHB/NIS/NisPlusGroupwopw\", value:NisPlusGroupwopw);\nset_kb_item(name: \"GSHB/NIS/NisPlusGenGroupwopw\", value:NisPlusGenGroupwpw);\nset_kb_item(name: \"GSHB/NIS/NisPlusGroupwpw\", value:NisPlusGroupwpw);\nset_kb_item(name: \"GSHB/NIS/NisPlusGenGroupwpw\", value:NisPlusGenGroupwpw);\nset_kb_item(name: \"GSHB/NIS/hostsdeny\", value:hostsdeny);\nset_kb_item(name: \"GSHB/NIS/hostsallow\", value:hostsallow);\nset_kb_item(name: \"GSHB/NIS/securenets\", value:securenetsval);\nexit(0);\n", "naslFamily": "IT-Grundschutz"}