An error occurred:

Check: GEN004540

HP-UX 11.31 STIG: GEN004540 (in versions v1 r19 through v1 r14)

Title

The SMTP service HELP command must not be enabled. (Cat II impact)

Discussion

The HELP command should be disabled to mask version information. The version of the SMTP service software could be used by attackers to target vulnerabilities present in specific software versions.

Check Content

Verify that the Help command is disabled in Sendmail: # ls -al /etc/mail/helpfile If the file does not exist, this is not a finding. If the help file does exist, verify that the file is empty: # cat /etc/mail/helpfile If the help file is not empty, this is a finding.

Fix Text

To disable the SMTP HELP command, remove or empty the Sendmail help file: /etc/mail/helpfile.

Additional Identifiers

Rule ID: SV-35059r2_rule

Vulnerability ID: V-12006

Group Title: GEN004540

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-000366

The organization implements the security configuration settings.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
CM-6

Configuration Settings