From Oracle Linux 5 Security Technical Implementation Guide
Part of GEN004620
Associated with: CCI-000366
Debug mode is a feature present in older versions of sendmail which, if not disabled, may allow an attacker to gain access to a system through the sendmail service.
Check for an enabled "debug" command provided by the SMTP service. Procedure: # telnet localhost 25 debug If the command does not return a 500 error code of "command unrecognized" or a 550 error code of "access denied", this is a finding. The operating system distribution ships with sendmail Version 8.13.8 which is not vulnerable. This should never be a finding.
Obtain and install a newer version of the SMTP service software (sendmail or Postfix) from the operating system vendor.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer