Intrusion Prevention

PHP.Function.CRLF.Injection

Description

This indicates that an attacker attempted to exploit an Email Composition CRLF Injection Vulnerability in PHP. Certain versions of PHP contain a CRLF injection vulnerability when allow_url_fopen is enabled. This bug allows attackers to modify HTTP headers for outbound requests by injecting CRLF sequences into the arguments to the fopen and file functions.
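The following is an added example, not the vendor's signature logic: a detection sketch that flags inbound request targets whose query parameters decode to a CR or LF, the condition that would reach fopen or file if the application passes the parameter through. The script name `fetch.php`, the parameter name `url`, and the sample requests are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

MAX_DECODE_ROUNDS = 3  # assumption: enough to unwrap double/triple percent-encoding
CRLF = re.compile(r"[\r\n]")

# Constructed sample request targets (not taken from real traffic).
SAMPLES = [
    "/fetch.php?url=http://example.com/feed.xml",
    "/fetch.php?url=http://example.com/%0d%0aX-Test:%201",
    "/fetch.php?url=http://example.com/%250d%250aX-Test:%201",
    "/fetch.php?url=http://example.com/a%20b&note=line",
]

def fully_decode(value, rounds=MAX_DECODE_ROUNDS):
    """Percent-decode repeatedly until the value stops changing."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def crlf_params(request_target):
    """Return the names of query parameters whose value carries CR or LF."""
    query = urlsplit(request_target).query
    flagged = []
    # parse_qsl performs the first round of percent-decoding itself.
    for name, value in parse_qsl(query, keep_blank_values=True):
        if CRLF.search(fully_decode(value)):
            flagged.append(name)
    return flagged

def scan(request_targets):
    """Return (target, flagged parameter names) for each suspicious target."""
    hits = []
    for target in request_targets:
        names = crlf_params(target)
        if names:
            hits.append((target, names))
    return hits

if __name__ == "__main__":
    for target, names in scan(SAMPLES):
        print(f"CRLF in parameter(s) {names}: {target}")
```

The same decode-then-check logic applies inside the application: a value that still contains CR or LF after decoding should be rejected before it is used as a URL argument.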

Affected Products

PHP 4.2.1 through 4.2.3

Impact

Allows remote attackers to modify HTTP headers for outgoing requests.

Recommended Actions

Apply the appropriate patch from the vendor, or upgrade to a non-vulnerable version if available.

CVE References

CVE-2002-1783