Eric Allman ≫ Sendmail

Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users.

In Sendmail, attackers can gain root privileges via SMTP by specifying an improper "mail from" address and an invalid "rcpt to" address that would cause the mail to bounce to a program.

Sendmail WIZ command enabled, allowing root access.

The debug command in Sendmail is enabled, allowing attackers to execute commands as root.