A remotely exploitable vulnerability in sendmail could allow an attacker to gain control of a vulnerable sendmail server. Address parsing code in sendmail does not adequately check the length of email addresses. An email message with a specially crafted address could trigger a stack overflow.
* Sendmail Pro (all versions)
* Sendmail Switch 2.1 prior to 2.1.6
* Sendmail Switch 2.2 prior to 2.2.6
* Sendmail Switch 3.0 prior to 3.0.4
* Sendmail for NT 2.X prior to 2.6.3
* Sendmail for NT 3.0 prior to 3.0.4
* Systems running open-source sendmail versions prior to 8.12.9, including UNIX and Linux systems.
For more information, see http://www.cert.org/advisories/CA-2003-12.html.