This built-in function ensures that each line in /etc/passwd has a valid format (e.g., seven fields separated by colon). If a line is malformed, it is reported and the check fails.

Having a malformed /etc/passwd file can break several user-management tools. It may also indicate a break-in or a bug in a custom user-management application. It may also show that someone attempted to add a user with an invalid name (in the past, it was popular to create a user named “toor:0:0” to obtain root privileges).

If the test is considered non-compliant, the administrator must remove or fix the offending lines from /etc/passwd.



name: "passwd_file_consistency"

description: "This check makes sure /etc/passwd is valid."


Copyright © 2017. Tenable Network Security, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are registered trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.