Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: SMTP problems --> Category: infos

Sendmail 'decode' flaw Vulnerability Scan

Vulnerability Scan Summary
Checks if the remote mail server can be used to overwrite files

Detailed Explanation for this Vulnerability Test

The remote SMTP server seems to pipe mail
sent to the 'decode' alias to a program.

There have been in the past a lot of security
problems regarding this, as it would allow
a possible hacker to overwrite arbitrary files
on the remote server.

We suggest you deactivate this alias.

Solution : remove the 'decode' line in /etc/aliases.

Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.