Assorted sendmail vulnerabilities.
With almost every sendmail version that was built before February 1998, a malicious user can gain unauthorized privileges by exploiting newlines in command-line arguments or in the process environment or in buffer overflow attacks. Intruders need not have access to an account on your system to exploit this problem.
Other possible exploits involve: using sendmail to generate a buffer overflow in the syslog facility. using the decode/uudecode commands to write to user files using the debug command to gain unauthorized access. Using the VRFY/EXPN commands enables the malicious user to determine user names