SQWebmail HTTP Response Splitting Vulnerability

Bugtraq ID:	13374
Class:	Input Validation Error
CVE:
Remote:	Yes
Local:	No
Published:	Apr 15 2005 12:00AM
Updated:	Apr 15 2005 12:00AM
Credit:	Zinho <[email protected]> is credited with the discovery of this vulnerability.
Vulnerable:	Inter7 SqWebMail 4.0.5 Inter7 SqWebMail 4.0.4 .20040524 Inter7 SqWebMail 3.6.1 Inter7 SqWebMail 3.6 .0 Inter7 SqWebMail 3.5.3 Inter7 SqWebMail 3.5.2 Inter7 SqWebMail 3.5.1 Inter7 SqWebMail 3.5 .0 Inter7 SqWebMail 3.4.1
Not Vulnerable:

SQWebmail HTTP Response Splitting Vulnerability

SQWebmail is prone to a HTTP response splitting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.

A remote attacker may exploit this vulnerability to influence or misrepresent how Web content is served, cached or interpreted. This could aid in various attacks that attempt to entice client users into a false sense of trust.

SQWebmail HTTP Response Splitting Vulnerability

No exploit is required.

The following proof of concept is available:
sqwebmail?redirect=%0d%0a%0d%0a[INJECT SCRIPT]

SQWebmail HTTP Response Splitting Vulnerability

Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.

SQWebmail HTTP Response Splitting Vulnerability

References:

• SqWebMail Homepage (Inter7)
  
• [Hackers Center Security Group] Sqwebmail Http Splitting Vulnerability (Zinho )