STIGQter STIGQter: STIG Summary: VMware vRealize Operations Manager 6.x SLES Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 28 Sep 2018:

The SMTP service must not have the VRFY feature active.

DISA Rule

SV-99203r1_rule

Vulnerability Number

V-88553

Group Title

SRG-OS-000096-GPOS-00050

Rule Version

VROM-SL-000610

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Add "novrfy" to the "PrivacyOptions" flag in the "/etc/sendmail.cf" file.

Check Contents

Use the following command to check if VRFY is disabled:

# grep -v "^#" /etc/sendmail.cf |grep -i PrivacyOptions

If "novrfy" is not returned, this is a finding.

Vulnerability Number

V-88553

Documentable

False

Rule Version

VROM-SL-000610

Severity Override Guidance

Use the following command to check if VRFY is disabled:

# grep -v "^#" /etc/sendmail.cf |grep -i PrivacyOptions

If "novrfy" is not returned, this is a finding.

Check Content Reference

M

Target Key

3461

Comments