Navigate

Check: GEN004600

VMware ESX 3 Server: GEN004600 (in version v1 r2)

Title

The SMTP service must be an up-to-date version. (Cat I impact)

Discussion

The SMTP service version on the system must be current to avoid exposing vulnerabilities present in unpatched versions.

Check Content

Determine the version of the SMTP service software. Locate the Sendmail daemon. Procedure: # find / -name sendmail Obtain version information for the Sendmail daemon. Procedure: # what <file location> OR # strings <file location> | grep version Version 8.14.4 is the latest required version. If the Sendmail version is not at least 8.14.4 or the vendor's latest version, this is a finding.

Fix Text

Obtain and install a newer version of Sendmail from the operating system vendor or from http://www.sendmail.org or ftp://ftp.cs.berkeley.edu/ucb/sendmail.

Additional Identifiers

Rule ID: SV-4689r2_rule

Vulnerability ID: V-4689

Group Title: GEN004600

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-001230	The organization incorporates flaw remediation into the organizational configuration management process.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
SI-2	Flaw Remediation