Sqwebmail Http Splitting Vulnerability

Full Version: Sqwebmail Http Splitting Vulnerability

GovernmentSecurity.org > General GSO > Exploit & Vulnerability Mailing List Archives

qcred11

Apr 26 2005, 08:07 PM

QUOTE

Desc: Http Splitting leads to email account stealing
Product: SQWebmail
Risk: High

A dangerous http splitting attack can be taken against mailboxes that use Sqwebmail as web mail interface. Anyone can send a malformed link in the email body and stealing session cookie and passwords.

Proof of concept:
///
sqwebmail?redirect=%0d%0a%0d%0a[INJECT SCRIPT]
///

Vendor should patch this issue soon as anyone can attack a user directly.

Author:
Zinho

Source: http://seclists.org/lists/bugtraq/2005/Apr/0441.html

This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.