
Test ID: 1.3.6.1.4.1.25623.1.0.11444
Category: Web application abuses
Title: PHP Mail Function Header Spoofing Vulnerability
Summary: The remote host is running a version of PHP <= 4.2.2. The mail() function does not properly sanitize user input.
Description:
Summary:
The remote host is running a version of PHP <= 4.2.2.

The mail() function does not properly sanitize user input.

Vulnerability Impact:
This allows users to forge email so that it appears to come
from a source other than the server.

Users can exploit this even if SAFE_MODE is enabled.

Solution:
Contact your vendor for the latest PHP release.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross Reference:
Common Vulnerability Exposure (CVE) ID: CVE-2002-0985
Bugtraq: 20020823 PHP: Bypass safe_mode and inject ASCII control chars with mail()
http://marc.info/?l=bugtraq&m=103011916928204&w=2
Bugtraq: 20030707 [OpenPKG-SA-2003.032] OpenPKG Security Advisory (php)
http://marc.info/?l=bugtraq&m=105760591228031&w=2
Caldera Security Advisory: CSSA-2003-008.0
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-008.0.txt
Conectiva Linux advisory: CLA-2002:545
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000545
Debian Security Information: DSA-168
http://www.debian.org/security/2002/dsa-168
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:082
http://www.osvdb.org/2111
http://www.redhat.com/support/errata/RHSA-2002-213.html
http://www.redhat.com/support/errata/RHSA-2002-214.html
http://www.redhat.com/support/errata/RHSA-2002-243.html
http://www.redhat.com/support/errata/RHSA-2002-244.html
http://www.redhat.com/support/errata/RHSA-2002-248.html
http://www.redhat.com/support/errata/RHSA-2003-159.html
SuSE Security Announcement: SuSE-SA:2002:036
http://www.novell.com/linux/security/advisories/2002_036_modphp4.html
XForce ISS Database: php-mail-safemode-bypass(9966)
https://exchange.xforce.ibmcloud.com/vulnerabilities/9966
Common Vulnerability Exposure (CVE) ID: CVE-2002-0986
BugTraq ID: 5562
http://www.securityfocus.com/bid/5562
CERT/CC vulnerability note: VU#410609
http://www.kb.cert.org/vuls/id/410609
http://www.osvdb.org/2160
XForce ISS Database: php-mail-ascii-injection(9959)
https://exchange.xforce.ibmcloud.com/vulnerabilities/9959
Copyright: Copyright (C) 2002 tony@libpcap.net

© 1998-2025 E-Soft Inc. All rights reserved.