Sendmail before 8.12.3 on Debian GNU/Linux, when using sasl and sasl-bin, uses a Sendmail configuration script with a fixed username and password, which could allow remote attackers to use Sendmail as an open mail relay and send spam messages.Referenceshttps://exchange.xforce.ibmcloud.com/vulnerabilities/17531http://secunia.com/advisories/12667http://www.debian.org/security/2004/dsa-554http://www.securityfocus.com/bid/11262
