Updated Sendmail packages that fix a potentially-exploitable vulnerability are now available.

Sendmail is a widely used Mail Transport Agent (MTA) and is included in all Red Hat Linux distributions.

Michal Zalewski found a bug in the prescan() function of unpatched Sendmail versions prior to 8.12.10. The sucessful exploitation of this bug can lead to heap and stack structure overflows. Although no exploit currently exists, this issue is locally exploitable and may also be remotely exploitable. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0694 to this issue.