Bug 21801 - default sendmail config permits SMTP EXPN and VRFY
Summary: default sendmail config permits SMTP EXPN and VRFY
Status: CLOSED RAWHIDE
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: sendmail
Version: 6.2
Hardware: i386
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Florian La Roche
QA Contact: Dale Lovelace
URL:
Whiteboard:
Keywords: Security
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2000-12-06 14:51 UTC by John Bollinger
Modified: 2007-04-18 16:30 UTC (History)
2 users (show)

(edit)
Clone Of:
(edit)
Last Closed: 2001-01-04 14:47:10 UTC


Attachments (Terms of Use)

Description John Bollinger 2000-12-06 14:51:18 UTC
An ISS scan of one of my RedHat 6.2 systems flagged low-severity vulnerabilities in the default sendmail (8.9.3-20)
configuration.  In particular, ISS complained that VRFY and EXPN were both enabled, and explained that both allow
an intruder to obtain information about local user accounts on the system.

Comment 1 Jarno Huuskonen 2000-12-09 23:04:49 UTC
Also the default sendmail config allows users to use mailq command. This
can be used to snoop /var/spool/mqueue contents  --> users can see where
other users send / receive mail.

This can be changed with the restrictmailq in sendmail.cf

(also noexpn and novrfy should disable the EXPN and VRFY commands)



Comment 2 Florian La Roche 2001-01-04 14:47:06 UTC
I do not set restrictmailq, but have added restrictqrun.


Note You need to log in before you can comment on or make changes to this bug.