Intrusion Prevention

PHP.Geeklog.Email.Composition.CRLF.Injection

Description

This indicates a possible exploit of a CRLF (Carriage Return Line Feed) injection vulnerability in Geeklog that may allow attackers to obtain a recipient's email address. Geeklog is an open-source Web log software written in PHP for Linux and Microsoft Windows platforms. Geeklog is designed to prevent a user's real email address from being revealed. A remote attacker could use CRLF combinations to inject a Bcc: header via the Subject field, causing a copy of the message to be sent to themselves, which would reveal the recipient's real email address.
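The following PHP is an added illustration, not Geeklog's code: it shows how a subject value carrying CR/LF characters turns into an extra header line when a header block is assembled by string concatenation, and the input check that rejects such a value before it reaches the mailer. The function names and the sample addresses are assumptions chosen for the example.

```php
<?php
// Added example (not Geeklog code): guarding an email-composition form
// against CRLF header injection. Function names and sample inputs are
// assumptions for illustration.

// Returns true when a user-supplied header value contains a raw CR or LF.
function headerValueContainsCrlf(string $value): bool
{
    return preg_match('/[\r\n]/', $value) === 1;
}

// Vulnerable pattern: the subject is placed straight into the header block,
// so a value such as "Hello\r\nBcc: someone@example.net" yields a second,
// attacker-chosen header line.
function buildHeadersUnsafe(string $from, string $subject): string
{
    return "From: $from\r\nSubject: $subject\r\n";
}

// Hardened pattern: refuse any field carrying CR/LF before it is used in a
// header, so no additional header can be smuggled in through the form.
function buildHeadersSafe(string $from, string $subject): string
{
    foreach (['From' => $from, 'Subject' => $subject] as $name => $value) {
        if (headerValueContainsCrlf($value)) {
            throw new InvalidArgumentException("Illegal line break in $name field");
        }
    }
    return "From: $from\r\nSubject: $subject\r\n";
}

// Defender-side check: list the header names a header block actually
// carries; an unexpected Bcc is how a successful injection shows up.
function headerNames(string $headers): array
{
    $names = [];
    foreach (preg_split('/\r\n|\n|\r/', rtrim($headers)) as $line) {
        if (preg_match('/^([A-Za-z-]+):/', $line, $m)) {
            $names[] = $m[1];
        }
    }
    return $names;
}

// Constructed sample input: a subject with an embedded line break and Bcc.
$from     = 'webmaster@example.org';
$injected = "Hello\r\nBcc: outsider@example.net";

// The unsafe builder now carries three headers, including the injected Bcc.
print_r(headerNames(buildHeadersUnsafe($from, $injected)));

// The hardened builder rejects the same input outright.
try {
    buildHeadersSafe($from, $injected);
} catch (InvalidArgumentException $e) {
    echo 'Rejected: ', $e->getMessage(), PHP_EOL;
}
```

The same CR/LF check belongs on every form field that ends up in a mail header (sender name, reply address, subject); the message body is the only field where line breaks are legitimate.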

Affected Products

Geeklog 1.3.5 sr1 and Geeklog 1.3.5

Impact

Information disclosure.

Recommended Actions

Upgrade to Geeklog 1.3.5 sr2 or later.

CVE References

CVE-2002-1917