
SMTP Uuencode/Decode Aliases
If the decode mail aliases are enabled, an intruder is able to send mail to
decode@hostname with a file that has been uuencoded to overwrite any system file.
Enabling this option instructs the scanner to look for uuencode and uudecode.
Risk: High
Fix: In UNIX, disable mail aliases for decode and uuencode. If the file
/etc/aliases contains entries for these programs, remove them or disable them by placing #
at the beginning of the line, and then executing the command newaliases. For
more information on UNIX mail aliases, consult the manual page for
"aliases(1)". A disabled decode alias should appear as: