Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-002.txt.asc
ftp://ftp.sco.com/pub/updates/OpenServer/CSSA-2003-SCO.6
ftp://ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.5
ftp://patches.sgi.com/support/free/security/advisories/20030301-01-P
distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000571
frontal2.mandriva.com/security/advisories?name=MDKSA-2003:028
marc.info/?l=bugtraq&m=104673778105192&w=2
marc.info/?l=bugtraq&m=104678739608479&w=2
marc.info/?l=bugtraq&m=104678862109841&w=2
marc.info/?l=bugtraq&m=104678862409849&w=2
marc.info/?l=bugtraq&m=104679411316818&w=2
www-1.ibm.com/support/search.wss?rs=0&q=IY40500&apar=only
www-1.ibm.com/support/search.wss?rs=0&q=IY40501&apar=only
www-1.ibm.com/support/search.wss?rs=0&q=IY40502&apar=only
www.cert.org/advisories/CA-2003-07.html
www.debian.org/security/2003/dsa-257
www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21950
www.iss.net/security_center/static/10748.php
www.kb.cert.org/vuls/id/398025
www.redhat.com/support/errata/RHSA-2003-073.html
www.redhat.com/support/errata/RHSA-2003-074.html
www.redhat.com/support/errata/RHSA-2003-227.html
www.securityfocus.com/bid/6991
www.sendmail.org/8.12.8.html
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2222