CCE-95692-0| Platform: cpe:/o:debian:debian_linux:11.x, cpe:/o:ubuntu:ubuntu_linux:16.04, cpe:/o:ubuntu:ubuntu_linux:18.04, cpe:/o:ubuntu:ubuntu_linux:20.04, cpe:/o:ubuntu:ubuntu_linux:22.04, cpe:/o:ubuntu:ubuntu_linux:23.04 | Date: (C)2021-03-08 (M)2023-09-01 |
The Network Information Service (NIS), formerly known as Yellow Pages, is a client-server directory service protocol used to distribute system configuration files. The NIS client ( ypbind ) was used to bind a machine to an NIS server and receive the distributed configuration files.
Rationale:
The NIS service is inherently an insecure system that has been vulnerable to DOS attacks, buffer overflows and has poor authentication for querying NIS maps. NIS generally has been replaced by such protocols as Lightweight Directory Access Protocol (LDAP). It is recommended that the service be removed.
Fix:
Uninstall nis using following command: apt purge nis
Parameter:
[yes/no]
Technical Mechanism:
Uninstall nis using following command: apt purge nis
| CCSS Severity: | CCSS Metrics: |
| CCSS Score : 8.6 | Attack Vector: NETWORK |
| Exploit Score: 3.9 | Attack Complexity: LOW |
| Impact Score: 4.7 | Privileges Required: NONE |
| Severity: HIGH | User Interaction: NONE |
| Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H | Scope: UNCHANGED |
| | Confidentiality: LOW |
| | Integrity: LOW |
| | Availability: HIGH |
| | |
References: | Resource Id | Reference |
|---|
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:87406 |
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:70820 |
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:92307 |
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:68740 |
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:70720 |
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:85269 |
