One of the most popular mail utilities in the world, sendmail, has a serious flaw in it that could potentially leave a back door open onto a machine. Sendmail is used around the world, delivering 70% of all e-mail, and this particular flaw affects all versions in the 8 branch up to 8.12.6, on Linux and Unix-based systems. All software based on these versions of sendmail are vulnerable according to the report. Symantec has classified this as “critical”, but all users of it already have a solution – for an upgraded version exists.
The Sendmail Consortium strongly urged open-source users to upgrade to version 8.13.6 of the software, which contains a fix and is available through its Web site. Patches for two older versions of the software are also available for download, but the group discouraged that tactic, warning that the patches may not work properly.
If you happen to maintain a server that utilizes sendmail – check it.