Sendmail Redirection Relaying Allowed

Severity: Medium | Nessus Plugin ID 10250

Synopsis

The remote SMTP server is vulnerable to a redirection attack.

Description

The remote sendmail server accepts messages addressed to recipients whose address contains two '@' signs (the 'user@host1@host2' form, where host1 and host2 stand for the two hostnames in the address). A remote attacker could leverage this to reach mail servers behind a firewall or to avoid detection by routing mail through the affected host.

Solution

Consult the Sendmail documentation and modify the server's configuration file to avoid such redirections. For example, this may involve adding the following statement at the top of Ruleset 98 in sendmail.cf; it matches any recipient address containing two '@' signs and rejects it with a permanent 551 error:

R$*@$*@$* $#error $@ 5.7.1 $: '551 Sorry, no redirections.'

Plugin Details

Severity: Medium

ID: 10250

File Name: sendmail_redirection.nasl

Version: 1.30

Type: remote

Published: 8/25/1999

Updated: 8/5/2020

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

CVSS Score Source: manual

CVSS v3

Risk Factor: Medium

Base Score: 5.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Vulnerability Information

CPE: cpe:/a:sendmail:sendmail

Required KB Items: installed_sw/Sendmail