Title

The SMTP service HELP command must not be enabled on AIX. (Cat II impact)

Discussion

The HELP command should be disabled to mask version information. The version of the SMTP service software could be used by attackers to target vulnerabilities present in specific software versions.

Check Content

Run the following command to get the "HELP" file location: # grep "^O HelpFile" /etc/mail/sendmail.cf The above command should yield the following output: O HelpFile=/etc/mail/helpfile If the above command does not yield any output, this is not a finding. The "HELP" file should be referenced by the "HelpFile" option. Check to see if the "HELP" file exists: # ls <helpfile_path> If the "HELP" file exists, this is a finding.

Fix Text

To disable the SMTP service HELP command remove the HELP file using command: # rm <helpfile_path>

Additional Identifiers

Rule ID: SV-215417r508663_rule

Vulnerability ID: V-215417

Group Title: SRG-OS-000480-GPOS-00227

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.