Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: SMTP problems --> Category: infos

Sendmail debug mode leak Vulnerability Scan

Vulnerability Scan Summary
Checks the version number for 'debug mode leak'

Detailed Explanation for this Vulnerability Test

According to the version number of the remote mail server,
a local user may be able to obtain the complete mail configuration
and other interesting information about the mail queue even if
he is not allowed to access those information directly, by running
sendmail -q
where nnnn & xxx are debugging levels.

If users are not allowed to process the queue (which is the default)
then you are not vulnerable.

Solution : upgrade to the latest version of Sendmail or

do not allow users to process the queue (RestrictQRun option)
Threat Level: Low
Note : This vulnerability is _local_ only

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.