A sendmail flaw that if exploited allows root access has been discovered in the following versions:
Sendmail Pro (all versions)
Sendmail Switch 2.1 prior to 2.1.6
Sendmail Switch 2.2 prior to 2.2.6
Sendmail Switch 3.0 prior to 3.0.4
Sendmail for NT 2.X prior to 2.6.3
Sendmail for NT 3.0 prior to 3.0.4
Systems running open-source sendmail versions prior to 8.12.9, including UNIX and Linux systems
A patch is available at http://www.sendmail.org/
Comments (0)
Topsight.net
http://www.topsight.net/article.php/20030329200505175