
github.com/CISOfy/lynis.git - Unnamed repository; edit this file 'description' to name the repository.
-rw-r--r--CHANGELOG.md15
-rw-r--r--db/tests.db1
-rw-r--r--include/tests_authentication2
-rw-r--r--include/tests_malware18
-rw-r--r--include/tests_ssh2
-rwxr-xr-xlynis6
6 files changed, 37 insertions, 7 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md
index ac435bd5..acfa1b28 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,16 +1,27 @@
# Lynis Changelog
-## Lynis 3.0.7 (Not released yet)
+## Lynis 3.0.8 (not released yet)
+
+### Added
+- MALW-3274 - Detect McAfee VirusScan Command Line Scanner
+
+---------------------------------------------------------------------------------
+
+## Lynis 3.0.7 (2022-01-18)
### Added
- MALW-3290 - Show status of malware components
-- OS detection for RHEL 6
+- OS detection for RHEL 6 and Funtoo Linux
+- Added service manager openrc
### Changed
- DBS-1804 - Added alias for MariaDB
- FINT-4316 - Support for newer Ubuntu versions
- MALW-3280 - Added Trend Micro malware agent
+- NETW-3200 - Allow unknown number of spaces in modprobe blacklists
+- PKGS-7320 - Support for Garuda Linux and arch-audit
- Several improvements for busybox shell
+- Russian translation of Lynis extended
---------------------------------------------------------------------------------
diff --git a/db/tests.db b/db/tests.db
index c9c4797f..522441f4 100644
--- a/db/tests.db
+++ b/db/tests.db
@@ -265,6 +265,7 @@ MAIL-8838:test:security:mail_messaging::Check dovecot process:
MAIL-8860:test:security:mail_messaging::Check Qmail status:
MAIL-8880:test:security:mail_messaging::Check Sendmail status:
MAIL-8920:test:security:mail_messaging::Check OpenSMTPD status:
+MALW-3274:test:security:malware::Check for McAfee VirusScan Command Line Scanner:
MALW-3275:test:security:malware::Check for chkrootkit:
MALW-3276:test:security:malware::Check for Rootkit Hunter:
MALW-3278:test:security:malware::Check for LMD:
diff --git a/include/tests_authentication b/include/tests_authentication
index 2712aa34..1718f99a 100644
--- a/include/tests_authentication
+++ b/include/tests_authentication
@@ -916,7 +916,7 @@
LogText "Result: found one or more accounts without password"
for I in ${FIND2}; do
LogText "Account without password: ${I}"
- Report "account_without_password=${I}"
+ Report "account_without_password[]=${I}"
done
Display --indent 2 --text "- Accounts without password" --result "${STATUS_WARNING}" --color RED
ReportWarning "${TEST_NO}" "Found accounts without password"
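Review bot: The `Report` line inside the loop renames the report key from `account_without_password=` to `account_without_password[]=`, but the CHANGELOG.md hunk in this commit has no entry for it. Anything that reads the report file and matches on the old scalar key would presumably stop seeing these accounts, which matters because this finding is one that monitoring is likely to alert on. A line under "Changed" would cover it, e.g. `- <TEST-ID> - Report accounts without password as array (account_without_password[])`, where `<TEST-ID>` is a placeholder. The enclosing test starts and ends outside the hunk, so its ID is not visible here.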
diff --git a/include/tests_malware b/include/tests_malware
index cb13ca96..40336fa5 100644
--- a/include/tests_malware
+++ b/include/tests_malware
@@ -46,6 +46,24 @@
#
#################################################################################
#
+ # Test : MALW-3274
+ # Description : Check for installed tool (McAfee VirusScan for Command Line)
+ Register --test-no MALW-3274 --weight L --network NO --category security --description "Check for McAfee VirusScan Command Line"
+ if [ ${SKIPTEST} -eq 0 ]; then
+ LogText "Test: checking presence McAfee VirusScan for Command Line"
+ if [ -x /usr/local/uvscan/uvscan ]; then
+ Display --indent 2 --text "- ${GEN_CHECKING} McAfee VirusScan for Command Line" --result "${STATUS_FOUND}" --color GREEN
+ LogText "Result: Found ${MCAFEECLBINARY}"
+ MALWARE_SCANNER_INSTALLED=1
+ AddHP 2 2
+ Report "malware_scanner[]=mcafeecl"
+ else
+ LogText "Result: McAfee VirusScan for Command Line not found"
+ fi
+ fi
+#
+#################################################################################
+#
# Test : MALW-3275
# Description : Check for installed tool (chkrootkit)
Register --test-no MALW-3275 --weight L --network NO --category security --description "Check for chkrootkit"
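Review bot: The found branch logs `${MCAFEECLBINARY}`, but nothing in this hunk assigns that variable and the check uses the literal path `/usr/local/uvscan/uvscan`, so unless it is set elsewhere the log reads "Result: Found " with no path. Assign it once before the check, `MCAFEECLBINARY="/usr/local/uvscan/uvscan"`, and test with `if [ -x "${MCAFEECLBINARY}" ]; then`, so the log and the check cannot drift apart. A short comment should also state that an executable at this single path is enough to set `MALWARE_SCANNER_INSTALLED=1` and award `AddHP 2 2`. The test does not confirm that the scanner runs or has current definitions, and installs at any other location are not detected.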
diff --git a/include/tests_ssh b/include/tests_ssh
index 7f31c348..de3209ee 100644
--- a/include/tests_ssh
+++ b/include/tests_ssh
@@ -74,7 +74,7 @@
LogText "Result: ${I}/sshd_config exists"
if [ ${FOUND} -eq 1 ]; then
ReportException "${TEST_NO}:01"
- LogText "Result: we already had found another sshd_config file. Using this new file then."
+ LogText "Result: we already found another sshd_config file. Using this new file instead of the previous one."
fi
FileIsReadable ${I}/sshd_config
if [ ${CANREAD} -eq 1 ]; then
diff --git a/lynis b/lynis
index 4a1a3979..c15a78c7 100755
--- a/lynis
+++ b/lynis
@@ -43,10 +43,10 @@
PROGRAM_WEBSITE="https://cisofy.com/lynis/"
# Version details
- PROGRAM_RELEASE_DATE="2021-07-27"
- PROGRAM_RELEASE_TIMESTAMP=1627375518
+ PROGRAM_RELEASE_DATE="2022-01-31"
+ PROGRAM_RELEASE_TIMESTAMP=1643632222
PROGRAM_RELEASE_TYPE="pre-release" # pre-release or release
- PROGRAM_VERSION="3.0.7"
+ PROGRAM_VERSION="3.0.8"
# Source, documentation and license
PROGRAM_SOURCE="https://github.com/CISOfy/lynis"