Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-4692 | GEN004660 | SV-4692r2_rule | ECSC-1 | Low |
Description |
---|
The SMTP EXPN function allows an attacker to determine if an account exists on a system, providing significant assistance to a brute-force attack on user accounts. EXPN may also provide additional information concerning users on the system, such as the full names of account owners. |
STIG | Date |
---|---|
Solaris 9 SPARC Security Technical Implementation Guide | 2013-04-10 |
Check Text ( C-28638r1_chk ) |
---|
Determine if EXPN is disabled. Procedure: # telnet localhost 25 expn root If the command does not return a 500 error code of command unrecognized, this is a finding. OR Locate the sendmail.cf configuration file. Procedure: # find / -name sendmail.cf -print # grep -v "^#" Verify the EXPN command is disabled with an entry in the sendmail.cf file that reads as one of the following: Opnoexpn O PrivacyOptions=noexpn Opgoaway O PrivacyOptions=goaway (Other privacy options, such as novrfy or noetrn, may be included in the same line, separated by commas. The goaway option encompasses a number of privacy options, including noexpn.) If the EXPN command is not disabled, this is a finding. |
Fix Text (F-4620r2_fix) |
---|
Edit the sendmail.cf file and add Opnoexpn option. Restart the Sendmail service. |