Vulnerabilities > CVE-2006-0631 - Unspecified vulnerability in Erik C. Thauvin Mailback
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
CRLF injection vulnerability in mailback.pl in Erik C. Thauvin mailback allows remote attackers to use mailback as a "spam proxy" by modifying mail headers, including recipient e-mail addresses, via newline characters in the Subject field.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
References
- http://seclists.org/lists/bugtraq/2006/Feb/0094.html
- http://seclists.org/lists/bugtraq/2006/Feb/0094.html
- http://seclists.org/lists/bugtraq/2006/Feb/0154.html
- http://seclists.org/lists/bugtraq/2006/Feb/0154.html
- http://secunia.com/advisories/18748
- http://secunia.com/advisories/18748
- http://vc.thauvin.net/cvs/cgi/mailback/mailback.pl?view=log
- http://vc.thauvin.net/cvs/cgi/mailback/mailback.pl?view=log
- http://www.osvdb.org/22955
- http://www.osvdb.org/22955
- http://www.vupen.com/english/advisories/2006/0459
- http://www.vupen.com/english/advisories/2006/0459
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24540
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24540