The SMTP service must be an up-to-date version.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-4689	GEN004600	SV-38917r1_rule	VIVM-1	High

Description
The SMTP service version on the system must be current to avoid exposing vulnerabilities present in unpatched versions.

STIG	Date
AIX 5.3 SECURITY TECHNICAL IMPLEMENTATION GUIDE	2014-10-03

Details

Check Text ( C-36887r2_chk )
Determine the version of the SMTP service software. Locate the sendmail daemon. Procedure: # find / -name sendmail Obtain version information for the Sendmail daemon. Procedure: # what < file location > OR # strings < file location > \| grep version OR # echo \$Z \| sendmail -d0 Version 8.14.5 is the latest released version. If the Sendmail version is not at least 8.14.5 or the vendor's latest version, this is a finding.

Check Text ( C-36887r2_chk )

Determine the version of the SMTP service software.

Locate the sendmail daemon.
Procedure:
# find / -name sendmail

Obtain version information for the Sendmail daemon.
Procedure:
# what < file location >
OR
# strings < file location > | grep version
OR
# echo \$Z | sendmail -d0

Version 8.14.5 is the latest released version.

If the Sendmail version is not at least 8.14.5 or the vendor's latest version, this is a finding.

Fix Text (F-33422r1_fix)
Obtain and install a newer version of Sendmail from the operating system vendor or from http://www.sendmail.org or ftp://ftp.cs.berkeley.edu/ucb/sendmail.