linosch
06.02.03, 05:27
Hallo zusammen,
ich habe mir einen Mailserver mit Postfix aufgesetzt und anschließen Nessus als Securetycheck darüber laufen lassen. Einige Fehler konnte ich schon beheben, doch bei den letzten drei werde ich einfach nicht fertig. Ich habe leider keine Idee mehr, was ich dagegen tun kann.
Für hilfreiche Tipps wäre ich sehr dankbar. *smile*
Hier die Fehler:
------------------------------------------------------------------------------------
1)
The remote SMTP server did not complain when issued the
command :
MAIL FROM: root@this_host
RCPT TO: |testing
This probably means that it is possible to send mail directly
to programs, which is a serious threat, since this allows
anyone to execute arbitrary command on this host.
NOTE : ** This security hole might be a false positive, since
some MTAs will not complain to this test, and instead will
just drop the message silently **
Solution : upgrade your MTA or change it.
Risk factor : High
CVE : CAN-1999-0163
. Vulnerability found on port smtp (25/tcp) :
-------------------------------------------------------------------------------------------------------
2)
The remote SMTP server did not complain when issued the
command :
MAIL FROM: root@this_host
RCPT TO: /tmp/nessus_test
This probably means that it is possible to send mail directly
to files, which is a serious threat, since this allows
anyone to overwrite any file on the remote server.
NOTE : ** This security hole might be a false positive, since
some MTAs will not complain to this test and will
just drop the message silently. Check for the presence
of file 'nessus_test' in /tmp ! **
Solution : upgrade your MTA or change it.
Risk factor : High
CVE : CVE-1999-0096
. Vulnerability found on port smtp (25/tcp) :
---------------------------------------------------------------------------------
3)
The remote SMTP server did not complain when issued the
command :
MAIL FROM: |testing
This probably means that it is possible to send mail
that will be bounced to a program, which is
a serious threat, since this allows anyone to execute
arbitrary command on this host.
NOTE : ** This security hole might be a false positive, since
some MTAs will not complain to this test, but instead
just drop the message silently **
Solution : upgrade your MTA or change it.
Risk factor : High
CVE : CAN-1999-0203
--------------------------------------------------------------------------------------
4)
The remote STMP server seems to allow remote users to
send mail anonymously by providing a too long argument
to the HELO command (more than 1024 chars).
This problem may allow bad guys to send hate
mail, or threatening mail using your server
and keep their anonymity.
Risk factor : Low.
Solution : If you are using sendmail, upgrade to
version 8.9.x. If you do not run sendmail, contact
your vendor.
CVE : CAN-1999-0098
--------------------------------------------------------------------------------------
Danke
Lino
PS: System ist Debian 3.0
ich habe mir einen Mailserver mit Postfix aufgesetzt und anschließen Nessus als Securetycheck darüber laufen lassen. Einige Fehler konnte ich schon beheben, doch bei den letzten drei werde ich einfach nicht fertig. Ich habe leider keine Idee mehr, was ich dagegen tun kann.
Für hilfreiche Tipps wäre ich sehr dankbar. *smile*
Hier die Fehler:
------------------------------------------------------------------------------------
1)
The remote SMTP server did not complain when issued the
command :
MAIL FROM: root@this_host
RCPT TO: |testing
This probably means that it is possible to send mail directly
to programs, which is a serious threat, since this allows
anyone to execute arbitrary command on this host.
NOTE : ** This security hole might be a false positive, since
some MTAs will not complain to this test, and instead will
just drop the message silently **
Solution : upgrade your MTA or change it.
Risk factor : High
CVE : CAN-1999-0163
. Vulnerability found on port smtp (25/tcp) :
-------------------------------------------------------------------------------------------------------
2)
The remote SMTP server did not complain when issued the
command :
MAIL FROM: root@this_host
RCPT TO: /tmp/nessus_test
This probably means that it is possible to send mail directly
to files, which is a serious threat, since this allows
anyone to overwrite any file on the remote server.
NOTE : ** This security hole might be a false positive, since
some MTAs will not complain to this test and will
just drop the message silently. Check for the presence
of file 'nessus_test' in /tmp ! **
Solution : upgrade your MTA or change it.
Risk factor : High
CVE : CVE-1999-0096
. Vulnerability found on port smtp (25/tcp) :
---------------------------------------------------------------------------------
3)
The remote SMTP server did not complain when issued the
command :
MAIL FROM: |testing
This probably means that it is possible to send mail
that will be bounced to a program, which is
a serious threat, since this allows anyone to execute
arbitrary command on this host.
NOTE : ** This security hole might be a false positive, since
some MTAs will not complain to this test, but instead
just drop the message silently **
Solution : upgrade your MTA or change it.
Risk factor : High
CVE : CAN-1999-0203
--------------------------------------------------------------------------------------
4)
The remote STMP server seems to allow remote users to
send mail anonymously by providing a too long argument
to the HELO command (more than 1024 chars).
This problem may allow bad guys to send hate
mail, or threatening mail using your server
and keep their anonymity.
Risk factor : Low.
Solution : If you are using sendmail, upgrade to
version 8.9.x. If you do not run sendmail, contact
your vendor.
CVE : CAN-1999-0098
--------------------------------------------------------------------------------------
Danke
Lino
PS: System ist Debian 3.0