
Sendmail Identd Bug
An intruder can gain access through sendmail when it uses identd to find
remote users' names. The intruder can execute commands on your system. Sendmail
tries to contact the identd daemon on the scanning machine. The scanner then tells
sendmail to mail the passwd file of the scanned machine to the user (usually
root or postmaster) of the scanned machine.
See
Risk: High
Fix: Ask your vendor for the sendmail patches or upgrade to sendmail 8.7.1.
Advisories:
For new version of sendmail: