Drupal 4.6.6 / 4.5.8 fixes mail header injection issue

2006.03.15
Credit: Uwe Hermann
Risk: Medium
Local: No
Remote: Yes
CWE: CWE-Other


CVSS Base Score: 5/10
Impact Subscore: 2.9/10
Exploitability Subscore: 10/10
Exploit range: Remote
Attack complexity: Low
Authentication: No required
Confidentiality impact: None
Integrity impact: Partial
Availability impact: None

------------------------------------------------------------------------ ---- Drupal security advisory DRUPAL-SA-2006-004 ------------------------------------------------------------------------ ---- Advisory ID: DRUPAL-SA-2006-004 Project: Drupal core Date: 2006-03-13 Security risk: moderately critical Impact: security bypass Where: from remote Vulnerability: mail header injection attack ------------------------------------------------------------------------ ---- Description ----------- Linefeeds and carriage returns were not being stripped from email headers, raising the possibility of bogus headers being inserted into outgoing email. This could lead to Drupal sites being used to send unwanted email. Versions affected ----------------- All Drupal versions before 4.6.6. Solution -------- If you are running Drupal 4.5.x then upgrade to Drupal 4.5.8. If you are running Drupal 4.6.x then upgrade to Drupal 4.6.6. Reported by ----------- Norrin, kbahey Contact ------- The security contact for Drupal can be reached at security (at) drupal (dot) org [email concealed] or using the form at http://drupal.org/contact. More information is available from http://drupal.org/security or from our security RSS feed http://drupal.org/security/rss.xml. // Uwe Hermann, on behalf of the Drupal Security Team. -- Uwe Hermann http://www.hermann-uwe.de http://www.it-services-uh.de | http://www.crazy-hacks.org http://www.holsham-traders.de | http://www.unmaintained-free-software.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) iD8DBQFEFiQtXdVoV3jWIbQRAlgvAKCRPRYNf26DWBsMXmV66RwAxySx0QCgnOBf Y6Sys1nFBsQToaxJISYhoeI= =pUZr -----END PGP SIGNATURE-----


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top