| VID |
14062 |
| Severity |
40 |
| Port |
22 |
| Protocol |
TCP |
| Class |
LSC |
| Detailed Description |
The host system's Sendmail can be executed by normal users, and that is unsafe. Sendmail's settings are difficult for normal users to manage. especially command for mail queue process is not necessary for normal users. so execution permissions should be limited to root.
* Platforms Affected:
UNIX, Linux |
| Recommendation |
Protect nomal users from Sendmail execution with q option as the following
# vi /etc/mail/sendmail.cf
O PrivacyOptions=authwarnings,novrfy,noexpn,restrictqrun |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
