CVE-2002-2261

CWE-2645 documents5 sources
Severity
7.5HIGH
EPSS
0.6%
top 30.59%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Sendmail Sendmail
Timeline
PublishedDec 31
Latest updateMay 3

Description

Sendmail 8.9.0 through 8.12.6 allows remote attackers to bypass relaying restrictions enforced by the 'check_relay' function by spoofing a blank DNS hostname.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

Debiansendmail< 8.12.7+3
NVDsendmail/sendmail24 versions+23

Patches

Patch: securitytracker.comPatch: www.securityfocus.comPatch: www.sendmail.org

🔴Vulnerability Details

3
GHSA
GHSA-vqjv-jhp4-724w: Sendmail 82022-05-03
CVEList
CVE-2002-2261: Sendmail 82007-10-18
OSV
CVE-2002-2261: Sendmail 82002-12-31

📋Vendor Advisories

1
Debian
CVE-2002-2261: sendmail - Sendmail 8.9.0 through 8.12.6 allows remote attackers to bypass relaying restric...2002
CVE-2002-2261 (HIGH CVSS 7.5) | Sendmail 8.9.0 through 8.12.6 allow | cvebase.io