Check: GEN004540
AIX 6.1 SECURITY TECHNICAL IMPLEMENTATION GUIDE:
GEN004540
(in versions v1 r14 through v1 r10)
Title
The SMTP service HELP command must not be enabled. (Cat II impact)
Discussion
The HELP command should be disabled to mask version information. The version of the SMTP service software could be used by attackers to target vulnerabilities present in specific software versions.
Check Content
Check to see if help is disabled in Sendmail. Procedure: # telnet <host> 25 help If the help command returns any Sendmail version information, this is a finding.
Fix Text
To disable the SMTP HELP command create an empty Sendmail help file. # > /etc/mail/help
Additional Identifiers
Rule ID: SV-38885r1_rule
Vulnerability ID: V-12006
Group Title: GEN004540
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| CCI-000366 |
The organization implements the security configuration settings. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| CM-6 |
Configuration Settings |