{"description": "The Network Information Service (NIS), formerly known as Yellow Pages,\nis a client-server directory service protocol used to distribute system configuration\nfiles. The NIS client (<tt>ypbind</tt>) was used to bind a system to an NIS server\nand receive the distributed configuration files.", "rationale": "The NIS service is inherently an insecure system that has been vulnerable\nto DOS attacks, buffer overflows and has poor authentication for querying\nNIS maps. NIS generally has been replaced by such protocols as Lightweight\nDirectory Access Protocol (LDAP). It is recommended that the service be\nremoved.", "severity": "unknown", "references": {"hipaa": ["164.308(a)(4)(i)", "164.308(b)(1)", "164.308(b)(3)", "164.310(b)", "164.312(e)(1)", "164.312(e)(2)(ii)"], "anssi": ["R62"], "ism": ["1409"], "pcidss4": ["2.2.4", "2.2"]}, "control_references": {"anssi": ["R62"], "ism": ["1409"], "pcidss4": ["2.2.4", "2.2"]}, "components": [], "identifiers": {}, "ocil_clause": null, "ocil": "The <code>ypbind</code> package can be removed with the following command: <pre> $ apt-get remove ypbind</pre>", "oval_external_content": null, "fixtext": "", "checktext": "", "vuldiscussion": "", "srg_requirement": "", "warnings": [], "conflicts": [], "requires": [], "policy_specific_content": {}, "platform": null, "platforms": [], "sce_metadata": {}, "inherited_platforms": [], "cpe_platform_names": [], "inherited_cpe_platform_names": [], "bash_conditional": null, "fixes": {}, "title": "Remove NIS Client", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/services/obsolete/nis/package_ypbind_removed/rule.yml", "template": {"name": "package_removed", "vars": {"pkgname": "ypbind"}, "backends": {}}}