Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The SMTP service SMTP greeting must not provide version information.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-89665 | VRAU-SL-000615 | SV-100315r1_rule | Medium |
| Description |
|---|
| The version of the SMTP service can be used by attackers to plan an attack based on vulnerabilities present in the specific version. |
| STIG | Date |
|---|---|
| VMware vRealize Automation 7.x SLES Security Technical Implementation Guide | 2018-10-12 |
Details
| Check Text ( C-89357r1_chk ) |
|---|
| To check for the sendmail version being displayed in the greeting: # more /etc/sendmail.cf | grep SmtpGreetingMessage If it returns the following: O SmtpGreetingMessage=$j Sendmail $v/$Z; $b Then sendmail is providing version information, and this is a finding. |
| Fix Text (F-96407r1_fix) |
|---|
| Change the "O SmtpGreetingMessage" line in the /etc/sendmail.cf file to: O SmtpGreetingMessage= Mail Server Ready ; $b |