STIGQter: STIG Summary: Solaris 10 SPARC Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 22 Jan 2021:

The SMTP service must not have a uudecode alias active.

DISA Rule

SV-220051r603265_rule

Vulnerability Number

V-220051

Group Title

SRG-OS-000095

Rule Version

GEN004640

Severity

CAT I

CCI(s)

• CCI-000381 - The organization configures the information system to provide only essential capabilities.

Weight

10

Fix Recommendation

Comment out active decode and uudecode aliases in the aliases file.

# vi /usr/mail/aliases

Activate updated aliases file.

# newaliases

Check Contents

Check the SMTP service for an active decode command.

Procedure:
# telnet localhost 25
decode

If the command does not return a 500 error code of command unrecognized, this is a finding.

If telnet is unavailable for testing, check for the existence of the decode and uudecode aliases in the sendmail aliases file.

Find the active sendmail aliases file.
# grep AliasFile /etc/mail/sendmail.cf
(The aliases file is usually at /etc/mail/aliases)
Look for decode aliases in the aliases file.
# grep decode /etc/mail/aliases

If there is an uncommented decode or uudecode alias in the aliases file, this is a finding.

Vulnerability Number

V-220051

Documentable

False

Rule Version

GEN004640

Severity Override Guidance

Check the SMTP service for an active decode command.

Procedure:
# telnet localhost 25
decode

If the command does not return a 500 error code of command unrecognized, this is a finding.

If telnet is unavailable for testing, check for the existence of the decode and uudecode aliases in the sendmail aliases file.

Find the active sendmail aliases file.
# grep AliasFile /etc/mail/sendmail.cf
(The aliases file is usually at /etc/mail/aliases)
Look for decode aliases in the aliases file.
# grep decode /etc/mail/aliases

If there is an uncommented decode or uudecode alias in the aliases file, this is a finding.

Check Content Reference

M

Target Key

4060

Comments