Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0630


Vulnerability Score 5.0 5.0
CVE Id CVE-2006-0630
Last Modified 05 Sep 2008 04:59:47
Published 10 Feb 2006 06:02:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



RITLabs The Bat! before displays certain important headers from encapsulated data in message/partial MIME messages, instead of the real headers, which is in violation of RFC2046 header merging rules and allows remote attackers to spoof the origin of e-mail by sending a fragmented message, as demonstrated using spoofed Received: and Message-ID: headers.

Vulnerable Systems


  • Ritlabs The Bat 3.0

  • Ritlabs The Bat

  • Ritlabs The Bat

  • Ritlabs The Bat

  • Ritlabs The Bat

  • Ritlabs The Bat

  • Ritlabs The Bat

  • Ritlabs The Bat



BUGTRAQ - 20060206 SECURITY.NNOV: The Bat! 2.x message headers spoofing


XF - thebat-message-header-spoofing(24535)

BID - 16515

SECUNIA - 18713

Last Updated: 27 May 2016 10:41:44