Check: GEN004540
HP-UX 11.23 STIG:
GEN004540
(in version v1 r8)
Title
The SMTP service HELP command must not be enabled. (Cat II impact)
Discussion
The HELP command should be disabled to mask version information. The version of the SMTP service software could be used by attackers to target vulnerabilities present in specific software versions.
Check Content
Check if Help is disabled in Sendmail. # telnet <host> 25 > help If the help command returns any Sendmail version information, this is a finding.
Fix Text
To disable the SMTP HELP command, remove or empty the Sendmail help file: /etc/mail/helpfile.
Additional Identifiers
Rule ID: SV-35059r1_rule
Vulnerability ID: V-12006
Group Title: GEN004540
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| CCI-000366 |
The organization implements the security configuration settings. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| CM-6 |
Configuration Settings |