Unrated severityNVD Advisory· Published Dec 31, 2002· Updated Apr 16, 2026

CVE-2002-2423

Description

Sendmail 8.12.0 through 8.12.6 truncates log messages longer than 100 characters, which allows remote attackers to prevent the IP address from being logged via a long IDENT response.

Affected products

Sendmail, Inc./Sendmail7 versions
cpe:2.3:a:sendmail:sendmail:8.12.0:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:sendmail:sendmail:8.12.0:*:*:*:*:*:*:*
- cpe:2.3:a:sendmail:sendmail:8.12.1:*:*:*:*:*:*:*
- cpe:2.3:a:sendmail:sendmail:8.12.2:*:*:*:*:*:*:*
- cpe:2.3:a:sendmail:sendmail:8.12.3:*:*:*:*:*:*:*
- cpe:2.3:a:sendmail:sendmail:8.12.4:*:*:*:*:*:*:*
- cpe:2.3:a:sendmail:sendmail:8.12.5:*:*:*:*:*:*:*
- cpe:2.3:a:sendmail:sendmail:8.12.6:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

archive.cert.uni-stuttgart.de/bugtraq/2002/09/msg00267.htmlnvd
www.iss.net/security_center/static/10153.phpnvd
www.securityfocus.com/bid/5770nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000