Navigate

Check: GEN004600

AIX 6.1 SECURITY TECHNICAL IMPLEMENTATION GUIDE: GEN004600 (in versions v1 r14 through v1 r10)

Title

The SMTP service must be an up-to-date version. (Cat I impact)

Discussion

The SMTP service version on the system must be current to avoid exposing vulnerabilities present in unpatched versions.

Check Content

Determine the version of the SMTP service software. Locate the sendmail daemon. Procedure: # find / -name sendmail Obtain version information for the Sendmail daemon. Procedure: # what < file location > OR # strings < file location > | grep version OR # echo \$Z | sendmail -d0 Version 8.14.5 is the latest released version. If the Sendmail version is not at least 8.14.5 or the vendor's latest version, this is a finding.

Fix Text

Obtain and install a newer version of Sendmail from the operating system vendor or from http://www.sendmail.org or ftp://ftp.cs.berkeley.edu/ucb/sendmail.

Additional Identifiers

Rule ID: SV-38917r1_rule

Vulnerability ID: V-4689

Group Title: GEN004600

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-001230	The organization incorporates flaw remediation into the organizational configuration management process.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
SI-2	Flaw Remediation