Info

Disclosure

Jun 11, 2006

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

CS-Forum contains a flaw that may allow a remote attacker to inject arbitrary headers in email sent from the system. The issue is due to ajouter.php script not properly sanitizing user input supplied to the 'email' variable. This may allow an attacker to inject custom email headers using newline characters potentially resulting in spoofed mail content.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Rumored
Disclosure: OSVDB Verified
OSVDB: Web Related

Solution

Upgrade to version 0.82 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Visialis

CS-Forum

0.81

References

CVE ID: 2006-3171 (see also: NVD)
Secunia Advisory ID: 20534
Related OSVDB ID: 26379 26380 26381 26382 26383 26385
VUPEN Advisory: ADV-2006-2314
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-06/0169.html
Other Advisory URL: http://www.acid-root.new.fr/advisories/csforum081.txt
Vendor URL: http://www.comscripts.com/scripts/php.cs-forum.643.html

Credit

DarkFig - gmdarkfiggmail.com -

Direct URL: http://osvdb.org/26384