CVE-2002-2423

CWE-20Improper Input Validation3 documents3 sources
Severity
6.4MEDIUM
EPSS
0.3%
top 46.70%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Sendmail Sendmail
Timeline
PublishedDec 31
Latest updateApr 30

Description

Sendmail 8.12.0 through 8.12.6 truncates log messages longer than 100 characters, which allows remote attackers to prevent the IP address from being logged via a long IDENT response.

CVSS vector

AV:N/AC:L/C:P/I:P/A:NExploitability: 10.0 | Impact: 4.9

Affected Packages1 packages

NVDsendmail/sendmail7 versions+6

🔴Vulnerability Details

2
GHSA
GHSA-r7jw-vqfm-vw8w: Sendmail 82022-04-30
CVEList
CVE-2002-2423: Sendmail 82007-11-01
CVE-2002-2423 (MEDIUM CVSS 6.4) | Sendmail 8.12.0 through 8.12.6 trun | cvebase.io