|
Family: SMTP problems --> Category: infos
Sendmail 'decode' flaw Vulnerability Scan
Vulnerability Scan Summary Checks if the remote mail server can be used to overwrite files
Detailed Explanation for this Vulnerability Test
The remote SMTP server seems to pipe mail
sent to the 'decode' alias to a program.
There have been in the past a lot of security
problems regarding this, as it would allow
a possible hacker to overwrite arbitrary files
on the remote server.
We suggest you deactivate this alias.
Solution : remove the 'decode' line in /etc/aliases.
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|