About workaround of CVE-1999-0531 issue.
Issue
- According to our customer, a vulnerability (CVE-1999-0531) was found on the customer's server.
- CVE information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0531
- The customer was pointed out the following by third-party organization.
The server is in the situation which user information can be obtained with SMTP command. Actually, informaiton of whether a specified user exists can be queried with RCPT command.
- The customer expects sendmail to return the same value in like the following situation.
[root@rhel5 ~]# nc localhost 25
220 rhel5.com ESMTP Sendmail 8.13.8/8.13.8; Thu, 16 Jan 2014 10:55:15 +0900
HELO foo.or.jp
250 rhel5.com Hello localhost.localdomain [127.0.0.1], pleased to meet you
MAIL FROM: user@foo.or.jp
250 2.1.0 user@foo.or.jp... Sender ok
RCPT TO: abc@rhel5.com <== Existent user
250 2.1.5 abc@rhel5.com... Recipient ok
RCPT TO: abcd@rhel5.com <== Non-existent user
550 5.1.1 abcd@rhel5.com... User unknown
- Also, if it's not satisfied, the customer thinks the system has a vulnerability of CVE-1999-0531. Is this correct?
Environment
- Red Hat Enterprise Linux 5.5
- sendmail-8.13.8-8.el5
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
