STIGQter: STIG Summary: Oracle Linux 5 Security Technical Implementation Guide Version: 1 Release: 13 Benchmark Date: 26 Oct 2018: The SMTP service must not have a uudecode alias active.

DISA Rule

SV-62821r1_rule

Vulnerability Number

V-4691

Group Title

GEN004640

Rule Version

GEN004640

Severity

CAT I

CCI(s)

Weight

10

Fix Recommendation

Disable mail aliases for decode and uudecode. If the /etc/aliases or /usr/lib/aliases (mail alias) file contains entries for these programs, remove them or disable them by placing "#" at the beginning of the line, and then execute the newaliases command. For more information on mail aliases, refer to the man page for aliases. Disabled aliases would be similar to these examples:

# decode: |/usr/bin/uudecode
# uudecode: |/usr/bin/uuencode -d
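A file-level audit for the fix above, as an added example that is not part of the STIG text: it lists any decode or uudecode alias that is still active in an aliases file, skipping lines disabled with "#" and continuation lines. The function names and the sample file contents are constructed for illustration.

```sh
#!/bin/sh
# find_decode_aliases FILE  (hypothetical helper, not from the STIG)
# Prints "FILE:LINE:TEXT" for every active decode/uudecode alias.
# Returns 0 when none are active, 1 when any are found, 2 if FILE is unreadable.
find_decode_aliases() {
    file=$1
    if [ ! -r "$file" ]; then
        echo "cannot read $file" >&2
        return 2
    fi
    hits=$(awk '
        /^#/     { next }   # disabled with a leading "#"
        /^[ \t]/ { next }   # continuation of the previous entry
        {
            n = index($0, ":")
            if (n == 0) next                      # blank or malformed line
            name = tolower(substr($0, 1, n - 1))  # alias names are case-insensitive
            gsub(/[ \t"]/, "", name)
            if (name == "decode" || name == "uudecode")
                printf "%s:%d:%s\n", FILENAME, NR, $0
        }' "$file")
    if [ -n "$hits" ]; then
        printf '%s\n' "$hits"
        return 1
    fi
    return 0
}

# Constructed sample aliases file: one disabled entry, two still active.
sample_aliases() {
    cat <<'EOF'
# constructed sample, not taken from a real host
postmaster: root
# decode: |/usr/bin/uudecode
decode: |/usr/bin/uudecode
Uudecode: "|/usr/bin/uuencode -d"
EOF
}
```

Run `find_decode_aliases /etc/aliases` and `find_decode_aliases /usr/lib/aliases`; any line printed still needs to be removed or commented out before running newaliases.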

Check Contents

Check the SMTP service for an active "decode" command.

Procedure:
# telnet localhost 25
decode

If the command does not return a 500 error code of "command unrecognized", this is a finding.

Documentable

False

Severity Override Guidance

Check the SMTP service for an active "decode" command.

Procedure:
# telnet localhost 25
decode

If the command does not return a 500 error code of "command unrecognized", this is a finding.

Check Content Reference

M

Responsibility

System Administrator

Target Key

2207
