Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The SMTP services SMTP greeting must not provide version information.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-239538 | VROM-SL-000595 | SV-239538r662065_rule | Medium |
| Description |
|---|
| The version of the SMTP service can be used by attackers to plan an attack based on vulnerabilities present in the specific version. |
| STIG | Date |
|---|---|
| VMware vRealize Operations Manager 6.x SLES Security Technical Implementation Guide | 2021-07-01 |
Details
| Check Text ( C-42771r662063_chk ) |
|---|
| To check for the sendmail version being displayed in the greeting: # more /etc/sendmail.cf | grep SmtpGreetingMessage If it returns: O SmtpGreetingMessage=$j Sendmail $v/$Z; $b Then sendmail is providing version information, this is a finding. |
| Fix Text (F-42730r662064_fix) |
|---|
| Change the "O SmtpGreetingMessage" line in the "/etc/sendmail.cf" file to: O SmtpGreetingMessage= Mail Server Ready ; $b |