| VID |
18006 |
| Severity |
20 |
| Port |
25 |
| Protocol |
TCP |
| Class |
SMTP |
| Detailed Description |
The SMTP daemon appears to support Extended HELO(EHLO) command to executed.
The mail transport agents use the Extended HELO(EHLO) command to query which extended SMTP commands a remote mail server will accept and some configuration information on SMTP daemon. If your mail server is set to support EHLO command, malicious attackers determine information on SMTP daemon using the EHLO command, and then could perform other attack with this information.
* References:
http://www.iss.net/security_center/static/323.php
http://www.microsoft.com/Exchange/en/55/help/default.asp?url=/Exchange/en/55/help/documents/server/XOG05031.HTM |
| Recommendation |
Extended SMTP provides some useful features that basic SMTP does not support.
However, if the Extended SMTP features can reveal the information, you may choose to disable EHLO on your mail server.
Consult your mail server documentation or contact your vendor for information on how to modify your mail server configuration to disable EHLO.
* if using Microsoft Exchange 5.5 Product, refer to the follow documentation:
http://www.microsoft.com/Exchange/en/55/help/default.asp?url=/Exchange/en/55/help/documents/server/XOG05031.HTM |
| Related URL |
CVE-1999-0531 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
