Check: GEN004620
Solaris 9 X86 STIG:
GEN004620
(in version v1 r9)
Title
The Sendmail server must have the debug feature disabled. (Cat I impact)
Discussion
Debug mode is a feature present in older versions of Sendmail which, if not disabled, may allow an attacker to gain access to a system through the Sendmail service.
Check Content
Check for an enabled debug command provided by the SMTP service. Procedure: # telnet localhost 25 debug If the command does not return a 500 error code of command unrecognized, this is a finding. If telnet is unavailable for testing, check the version of sendmail. Run the following as a non-privileged user. $ echo \$Z | /usr/sbin/sendmail -bt -d0 If the version reported is less than 8.6, this is a finding.
Fix Text
Obtain and install a more recent version of Sendmail, which does not implement the DEBUG feature.
Additional Identifiers
Rule ID: SV-42311r1_rule
Vulnerability ID: V-4690
Group Title:
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000366 |
The organization implements the security configuration settings. |
Controls
Number | Title |
---|---|
CM-6 |
Configuration Settings |