STIGQter: STIG Summary: Oracle Linux 5 Security Technical Implementation Guide Version: 1 Release: 13 Benchmark Date: 26 Oct 2018: The SMTP service must not have a uudecode alias active.

DISA Rule

SV-62821r1_rule

Vulnerability Number

V-4691

Group Title

GEN004640

Rule Version

GEN004640

Severity

CAT I

CCI(s)

CCI-001230 - The organization incorporates flaw remediation into the organizational configuration management process.

Weight

Fix Recommendation

Disable mail aliases for decode and uudecode. If the /etc/aliases or /usr/lib/aliases (mail alias) file contains entries for these programs, remove them or disable them by placing "#" at the beginning of the line, and then executing the new aliases command. For more information on mail aliases, refer to the man page for aliases. Disabled aliases would be similar to these examples:

# decode: |/usr/bin/uudecode
# uudecode: |/usr/bin/uuencode -d

Check Contents

Check the SMTP service for an active "decode" command.

Procedure:
# telnet localhost 25
decode

If the command does not return a 500 error code of "command unrecognized", this is a finding.

Vulnerability Number

V-4691

Documentable

False

Rule Version

GEN004640

Severity Override Guidance

Check the SMTP service for an active "decode" command.

Procedure:
# telnet localhost 25
decode

If the command does not return a 500 error code of "command unrecognized", this is a finding.

STIGQter: STIG Summary: Oracle Linux 5 Security Technical Implementation Guide Version: 1 Release: 13 Benchmark Date: 26 Oct 2018: The SMTP service must not have a uudecode alias active.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Responsibility

Target Key

Comments