Check: AIX7-00-003114
IBM AIX 7.x STIG:
AIX7-00-003114
(in versions v2 r9 through v1 r1)
Title
If the AIX host is running an SMTP service, the SMTP greeting must not provide version information. (Cat III impact)
Discussion
The version of the SMTP service can be used by attackers to plan an attack based on vulnerabilities present in the specific version.
Check Content
If the AIX host is not running an SMTP service, this is Not Applicable.

Check the value of the "SmtpGreetingMessage" parameter in the "sendmail.cf" file:

# grep SmtpGreetingMessage /etc/mail/sendmail.cf

If the value of the "SmtpGreetingMessage" parameter contains the "$v" or "$Z" macros, this is a finding.
Fix Text
Ensure "Sendmail" or its equivalent has been configured to mask the version information.

If necessary, change the "O SmtpGreetingMessage" line in the "/etc/sendmail.cf" file from:

O SmtpGreetingMessage=$j Sendmail $v/$Z; $b

to:

O SmtpGreetingMessage= Mail Server Ready ; $b
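The check and fix above as a small audit script, added here as an example and not part of the STIG text: it takes the path of a sendmail.cf file as a parameter, reports a finding when the active SmtpGreetingMessage value contains the $v or $Z macros, and rewrites the line to the value the Fix Text gives. Unlike the bare grep in the Check Content, it ignores commented-out lines; the sample file contents are constructed.

```shell
#!/bin/sh
# Added example, not part of the STIG text: audit and remediate the
# SmtpGreetingMessage option that AIX7-00-003114 checks. The file path is a
# parameter so it can be run against a copy of sendmail.cf offline.

# check_greeting FILE  -> prints one of:
#   finding : the active SmtpGreetingMessage value contains the $v or $Z macro
#   pass    : the option is set and contains neither macro
#   missing : no active (uncommented) "O SmtpGreetingMessage" line at all
# Only lines beginning with "O" are considered, so a commented-out
# "#O SmtpGreetingMessage=..." line neither masks nor causes a finding.
check_greeting() {
  line=$(grep '^O[[:space:]]*SmtpGreetingMessage' "$1" | head -n 1)
  [ -n "$line" ] || { echo missing; return 0; }
  value=${line#*=}
  case "$value" in
    *'$v'*|*'$Z'*) echo finding ;;
    *)             echo pass ;;
  esac
}

# fix_greeting FILE: rewrite the active line to the value the Fix Text gives.
# The sed script is single-quoted so the shell leaves $b alone, and sed treats
# $ in the replacement text as a literal. "sed -i" is avoided because AIX sed
# lacks it; the result goes through a temporary file instead.
fix_greeting() {
  sed 's/^O[[:space:]]*SmtpGreetingMessage=.*/O SmtpGreetingMessage= Mail Server Ready ; $b/' "$1" > "$1.new" \
    && mv "$1.new" "$1"
}

# make_sample_cf FILE: constructed sendmail.cf fragment (not from a real host)
# containing the non-compliant default greeting quoted in the STIG.
make_sample_cf() {
  cat > "$1" <<'EOF'
# constructed sendmail.cf fragment
#O SmtpGreetingMessage=$j commented out, ignored by the check
O SmtpGreetingMessage=$j Sendmail $v/$Z; $b
EOF
}

# Demonstration: build the sample, audit it, fix it, audit again.
f=$(mktemp) || exit 1
make_sample_cf "$f"
echo "before: $(check_greeting "$f")"   # finding
fix_greeting "$f"
echo "after:  $(check_greeting "$f")"   # pass
grep 'SmtpGreetingMessage' "$f"
rm -f "$f"
```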
Additional Identifiers
Rule ID: SV-215412r508663_rule
Vulnerability ID: V-215412
Group Title: SRG-OS-000480-GPOS-00227
CCIs
Number | Definition
---|---
CCI-000366 | The organization implements the security configuration settings.
Controls
Number | Title
---|---
CM-6 | Configuration Settings