Sendmail mail.local Vulnerabilities
The vendor has been notified and the deadlock/LMTP problems were fixed in Sendmail versions 8.10.0 and higher. On Solaris machines, Sendmail 8.10.0 and 8.10.1 are known to be vulnerable to another related attack involving the Content-Length field in the message header.
The Content-Length field header was fixed by Sendmail upgrades:
Eric Allman Sendmail 8.9.3