|
|
|
|
|
|
|
| |
Multiple Mail Server EXPN/VRFY Information Disclosure |
|
| This script is Copyright (C) 1999-2010 Tenable Network Security, Inc. |
|
|
| Family | SMTP problems |
| Nessus Plugin ID | 10249 (sendmail_expn.nasl) |
| Bugtraq ID |
|
| CVE ID |
|
|
| Description: |
Synopsis :
It is possible to enumerate the names of valid users on the remote
host.
Description :
The remote SMTP server answers to the EXPN and/or VRFY commands.
The EXPN command can be used to find the delivery address of mail
aliases, or even the full name of the recipients, and the VRFY command
may be used to check the validity of an account.
Your mailer should not allow remote users to use any of these
commands, because it gives them too much information.
Solution :
If you are using Sendmail, add the option :
O PrivacyOptions=goaway
in /etc/sendmail.cf.
Risk factor :
Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
|
|
|
|
|
|
