Vulnerability Description
CRLF injection vulnerability in help.php in Russcom Network Loginphp allows remote attackers to spoof e-mails and inject MIME headers via CRLF sequences in the email address.
CVSS Score
5.0
MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Russcom Network | Loginphp | All versions |
References
- http://secunia.com/advisories/19930
- http://www.osvdb.org/25214
- http://www.securityfocus.com/archive/1/432729/100/0/threaded
- http://www.securityfocus.com/bid/17787
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26250
- http://secunia.com/advisories/19930
- http://www.osvdb.org/25214
- http://www.securityfocus.com/archive/1/432729/100/0/threaded
- http://www.securityfocus.com/bid/17787
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26250
FAQ
What is CVE-2006-2159?
CVE-2006-2159 is a vulnerability with a CVSS score of 5.0 (MEDIUM). CRLF injection vulnerability in help.php in Russcom Network Loginphp allows remote attackers to spoof e-mails and inject MIME headers via CRLF sequences in the email address.
How severe is CVE-2006-2159?
CVE-2006-2159 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-2159?
Check the references section above for vendor advisories and patch information. Affected products include: Russcom Network Loginphp.