Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0631

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2006-0631
Last Modified 07 Mar 2011 09:30:28
Published 10 Feb 2006 06:02:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-0631

Summary

CRLF injection vulnerability in mailback.pl in Erik C. Thauvin mailback allows remote attackers to use mailback as a "spam proxy" by modifying mail headers, including recipient e-mail addresses, via newline characters in the Subject field.

Vulnerable Systems

Application

  • Erik C. Thauvin Mailback


References

OSVDB - 22955

SECUNIA - 18748

XF - mailback-mail-relay(24540)

VUPEN - ADV-2006-0459

CONFIRM - http://vc.thauvin.net/cvs/cgi/mailback/mailback.pl?view=log

BUGTRAQ - 20060210 Re: mailback script exploit

BUGTRAQ - 20060205 mailback script exploit


Last Updated: 27 May 2016 10:41:44