Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-4690 | GEN004620 | SV-45870r1_rule | High |
Description |
---|
Debug mode is a feature present in older versions of sendmail which, if not disabled, may allow an attacker to gain access to a system through the sendmail service. |
STIG | Date |
---|---|
SUSE Linux Enterprise Server v11 for System z | 2016-12-20 |
Check Text ( C-43187r1_chk ) |
---|
Check for an enabled "debug" command provided by the SMTP service. Procedure: # telnet localhost 25 debug If the command does not return a 500 error code of "command unrecognized", this is a finding. The SLES mainframe distribution ships with sendmail Version 8.14.3.-50.20.1 which is not vulnerable. This should never be a finding. |
Fix Text (F-39248r1_fix) |
---|
Obtain and install a newer version of the SMTP service software (sendmail or Postfix) fromNovell. |