Revenue Source

Welcome to the Revenue Source affiliate marketing forums.

You are viewing our internet marketing and SEO forums as a guest which gives you limited access to most of our discussions.  By joining our free community, you will have access to post affiliate marketing topics, communicate privately with other members (PM), exchange SEO strategies, and access many other special features.  Registration is fast, simple and absolutely free so please, join our community today!

If you have any problems, please don't hesitate to contact us.

Go Back   Revenue Source > Site Design & Development > Programming Help
Reload this Page Hardened-PHP Project: Dotdeb PHP Email Header Injection Vulnerability
Tags: , , , , , , ,

Reply
 
LinkBack Thread Tools Search this Thread
Old
  (#1 (permalink))
Affiliate Blogs is Offline
Revenue Source Veteran
Affiliate Blogs has a brilliant future here!
 
Affiliate Blogs's Avatar
 
Join Date: Oct 2005
Posts: 8,626
Jack of All Trades
CyberSpace United States
   
Hardened-PHP Project: Dotdeb PHP Email Header Injection Vulnerability - 11-14-2006
The Hardened PHP Project has released another vulnerability today for the Dotdeb PHP package repository software. The exploit allows for an email header injection.
It was discovered that the Dotdeb PHP packages are patched with a mail() protection patch that was originally created by Steve Bennett and is nowadays developed at choon.net. This patch adds an X-PHP-Script header to outgoing mails that contains the name of the server, the script and the calling IP.
An example of an attack via this issue would be injecting Bcc: headers into emails with sensitive information, copying them to themselves. The latest version of the package can be downloaded from their site. It is suggested that versions less than 5.2.0 Rev 3 upgrade immediately.


Hardened-PHP Project: Dotdeb PHP Email Header Injection Vulnerability - Read More...
  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
Reply

« Renaming file Uploads | Community News: Latest PHPClasses.org Releases for 11.15.2006 »

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

Similar Threads for: Hardened-PHP Project: Dotdeb PHP Email Header Injection Vulnerability
Thread Thread Starter Forum Replies Last Post
Email Newsletters and RSS Usability Affiliate Blogs Affiliate Marketing 0 11-14-2006 07:25 PM
A Link Exchange Email That Worked Affiliate Blogs Affiliate Marketing 0 11-14-2006 07:12 PM
Google Sends Worm To 50,000 Video Email Subscribers Affiliate Marketing News Internet Marketing Articles 0 11-09-2006 06:15 PM
Affiliate & Email Marketing Manager* - Affiliates World Affiliate Blogs Affiliate Marketing 0 11-06-2006 04:08 AM
Merchant 10435 - Gigasonic - M-Audio Project Mix I/O Control Surface Free M-Audio Lun Affiliate Marketing News Shareasale Affiliate Deals 0 10-17-2006 07:27 PM



© 2004-6 RevenueSource.com.  All rights reserved.  Do not duplicate or redistribute in any form.
This website and its logos/design are property of RevenueSource.com.  All rights reserved. vBSEO 3.2.0 RC7

Contact Us - Affiliate Marketing & SEO Forums - Archive - Top

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34