From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.5)
Description of problem:
Andrew Wilshire from New Zealand reports that a vulnerability scan
performed by an external security vendor has shown that this version
of sendmail is vulnerable to Prescan and Header processing bugs.
No updates available for sendmail on ES2.1.
Can you confirm ?
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Sendmail scan
Actual Results: Vulnerability exist
Expected Results: No vulnerability.
External security vendor has made a mistake; backported patches for
these issues exist in that version of sendmail. See for example: