GEN:SID 1:664
Message SMTP RCPT TO decode attempt
Summary This event is generated when maliciously formatted "rcpt to" text is supplied to Sendmail.
Impact Attempted administrator access.  A successful attack can allow remote execution of commands with root privleges.
Detailed Information A vulnerability exists in older versions of Sendmail that incorrectly parses message headers.  This can allow a malicious user to execute arbitrary commands as root.
Affected Systems Sendmail versions prior to 8.6.10 and any version based on 5.x.
Attack Scenarios An attacker can craft a malicious mail header that executes a command.
Ease of Attack Easy.  Use a maliciously formatted header.
Corrective Action Upgrade to version 8.6.10 or higher of Sendmail.
Additional References Bugtraq:
http://www.securityfocus.com/bid/2308

CVE:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0203

Rule References arachnids: 121
bugtraq: 2308
cve: 1999-0203