About a workaround for the CVE-1999-0531 issue.

Solution Verified - Updated -

Issue

  • According to our customer, a vulnerability (CVE-1999-0531) was found on the customer's server.
  • CVE information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0531
  • A third-party organization pointed out the following to the customer:
 The server is in a state where user information can be obtained with SMTP commands. Specifically, whether a given user exists can be queried with the RCPT command.
  • The customer expects sendmail to return the same response in a situation like the following:
[root@rhel5 ~]# nc localhost 25
220 rhel5.com ESMTP Sendmail 8.13.8/8.13.8; Thu, 16 Jan 2014 10:55:15 +0900
HELO foo.or.jp
250 rhel5.com Hello localhost.localdomain [127.0.0.1], pleased to meet you
MAIL FROM:  user@foo.or.jp
250 2.1.0 user@foo.or.jp... Sender ok
RCPT TO: abc@rhel5.com                 <==  Existent user
250 2.1.5 abc@rhel5.com... Recipient ok
RCPT TO: abcd@rhel5.com                <==  Non-existent user
550 5.1.1 abcd@rhel5.com... User unknown
  • Also, if this expectation is not met, the customer considers the system to have the CVE-1999-0531 vulnerability. Is this correct?
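
The check the customer describes can be turned into a repeatable probe: send the same command once for an address that exists and once for one that does not, and compare the reply codes. If they differ, an outsider can confirm which accounts exist. The script below is an added example, not code from the Red Hat article or from sendmail; it tries RCPT TO (the vector the third party used) together with VRFY and EXPN, the commands usually associated with this CVE. The host, port, HELO name, sender and the two test addresses are placeholders. Because the verifier runs offline, the block also carries a constructed stand-in for the sendmail 8.13.8 behaviour shown in the session above; its reply texts are approximations, not captured output, and the `hardened` mode only emulates a server that refuses VRFY/EXPN while still answering RCPT TO per user.

```python
"""Probe an SMTP server for user enumeration via VRFY, EXPN and RCPT TO.

Added example (not from the Red Hat article or sendmail). A vector "leaks"
when the reply code for a known address differs from the one for an unknown
address, which is exactly the condition the customer's test checks for.
"""
import smtplib
from typing import Callable, Dict, Iterable, Tuple

Reply = Tuple[int, str]
Transport = Callable[[str], Reply]  # send one raw command line, get (code, text)


def smtp_transport(host: str, port: int = 25, timeout: float = 10.0) -> Transport:
    """Transport over a real TCP session. smtplib.SMTP.docmd sends the line as-is
    and returns (code, message bytes); host/port are placeholders to change."""
    conn = smtplib.SMTP(host, port, timeout=timeout)

    def send(line: str) -> Reply:
        code, msg = conn.docmd(line)
        return code, msg.decode("ascii", "replace")
    return send


class FakeSendmail:
    """Constructed offline stand-in for the sendmail 8.13.8 session above.
    hardened=True emulates a server that refuses VRFY/EXPN; reply texts are
    approximations, not captured output. RCPT TO is answered per user in both
    modes, as in the customer's transcript."""

    def __init__(self, users: Iterable[str], hardened: bool = False) -> None:
        self.users = {u.lower() for u in users}   # local parts that exist
        self.hardened = hardened
        self.mail_seen = False                    # MAIL FROM accepted yet?

    @staticmethod
    def _local(arg: str) -> str:
        """Extract the local part from 'abc@host' or 'TO:<abc@host>'."""
        addr = arg.strip()
        if addr.upper().startswith("TO:"):
            addr = addr[3:].strip()
        return addr.strip("<>").split("@")[0].lower()

    def __call__(self, line: str) -> Reply:
        verb, _, arg = line.partition(" ")
        verb = verb.upper()
        if verb == "HELO":
            return 250, "rhel5.com Hello probe, pleased to meet you"
        if verb == "MAIL":
            self.mail_seen = True
            return 250, "2.1.0 Sender ok"
        if verb == "RSET":
            self.mail_seen = False
            return 250, "2.0.0 Reset state"
        if verb in ("VRFY", "EXPN"):
            if self.hardened:
                if verb == "VRFY":
                    return 252, "2.5.2 Cannot VRFY user; try RCPT to attempt delivery"
                return 502, "5.7.0 Sorry, we do not allow this operation"
            if self._local(arg) in self.users:
                return 250, f"2.1.5 <{arg.strip()}>"
            return 550, "5.1.1 User unknown"
        if verb == "RCPT":
            if not self.mail_seen:
                return 503, "5.0.0 Need MAIL before RCPT"
            if self._local(arg) in self.users:
                return 250, "2.1.5 Recipient ok"
            return 550, "5.1.1 User unknown"
        return 500, "5.5.1 Command unrecognized"


def probe(send: Transport, known: str, unknown: str,
          helo: str = "probe.example", sender: str = "probe@probe.example") -> Dict[str, dict]:
    """Run each vector once for a known and an unknown address on one session."""
    send(f"HELO {helo}")
    report: Dict[str, dict] = {}
    for name in ("VRFY", "EXPN"):
        k, _ = send(f"{name} {known}")
        u, _ = send(f"{name} {unknown}")
        report[name] = {"known": k, "unknown": u, "leaks": k != u}
    send(f"MAIL FROM:<{sender}>")           # RCPT is only valid after MAIL FROM
    k, _ = send(f"RCPT TO:<{known}>")
    u, _ = send(f"RCPT TO:<{unknown}>")
    send("RSET")                            # never deliver anything
    report["RCPT"] = {"known": k, "unknown": u, "leaks": k != u}
    return report


def leaking_vectors(report: Dict[str, dict]) -> list:
    """Names of the vectors whose reply codes differ between the two addresses."""
    return sorted(name for name, r in report.items() if r["leaks"])


if __name__ == "__main__":
    # Offline demonstration with the constructed server; swap in
    # smtp_transport("rhel5.com") to test a real host.
    for hardened in (False, True):
        rep = probe(FakeSendmail(["abc"], hardened=hardened), "abc@rhel5.com", "abcd@rhel5.com")
        print("hardened" if hardened else "default", leaking_vectors(rep))
```

The point the hardened mode makes is the one behind the customer's question: refusing VRFY and EXPN removes two vectors, but as long as RCPT TO answers 250 for a real user and 550 for an unknown one, the existence check still succeeds, so a scanner that only looks at VRFY/EXPN reports a clean server while the RCPT probe still leaks.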

Environment

  • Red Hat Enterprise Linux 5.5
  • sendmail-8.13.8-8.el5
