No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

How to shield the sendmail high risk hole in the N8300 found by the Antivirus software

Publication Date:  2012-11-05 Views:  51 Downloads:  0
Issue Description
The customer scan the N8300 by a professional antivirus software, and find there was an “alias checking of executing the program through the pipe” high risk hole in the N8300.
Alarm Information
None
Handling Process
There are two methods to avoid this safety hole:
Method one: If it’s not necessary to deploy the cloud service, we can close the “sendmail”:
Use the “support” account to login in the engine node of N8300, execute “/etc/init.d/postfix stop” at each node.
Method two: Forbid the alias of the email. Delete the file “/etc/aliases” or the corresponding line in the “/usr/lib/aliases” or use “#” to remark.
Root Cause
It’s dangerous to lead in an alias of an email address through the pipe for a program executing. If the program hasn’t designed perfect enough to resist the common attack, such as buffer overflow, transfer the character’s meaning and so on, the user’s system email list will have this safety hole. For instance, people usually use the “Majordomo” and “SmartList” to lead in the email address, they had many known safety problems in the past.
Suggestions
None

END