Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2002-0986 | First vendor Publication | 2002-09-24 |
| Vendor | Cve | Last vendor Modification | 2017-10-10 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:N/I:P/A:N) | |||
|---|---|---|---|
| Cvss Base Score | 5 | Attack Range | Network |
| Cvss Impact Score | 2.9 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| The mail function in PHP 4.x to 4.2.2 does not filter ASCII control characters from its arguments, which could allow remote attackers to modify mail message content, including mail headers, and possibly use PHP as a "spam proxy." |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0986 |
CAPEC : Common Attack Pattern Enumeration & Classification
| Id | Name |
|---|---|
| CAPEC-41 | Using Meta-characters in E-mail Headers to Inject Malicious Payloads |
| CAPEC-81 | Web Logs Tampering |
| CAPEC-93 | Log Injection-Tampering-Forging |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|
CPE : Common Platform Enumeration
OpenVAS Exploits
| Date | Description |
|---|---|
| 2008-01-17 | Name : Debian Security Advisory DSA 168-1 (PHP3, PHP4) File : nvt/deb_168_1.nasl |
| 2005-11-03 | Name : PHP Mail Function Header Spoofing Vulnerability File : nvt/php_mail_func_header_spoof.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 2160 | PHP mail Function CRLF Injection A flaw exists in PHP which may allow an attacker to add arbitrary data to headers constructed by PHP when remote resources are referenced using these functions. In this way, a PHP script which uses the vulnerable function with the allow_url_fopen() directive enabled may be turned into a proxy, since the attacker is able to construct an arbitrary header to be sent with the request. This may be accomplished by building an arbitrary header using CRLF injection. |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-168.nasl - Type : ACT_GATHER_INFO |
| 2004-07-31 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2003-082.nasl - Type : ACT_GATHER_INFO |
| 2004-07-06 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2002-214.nasl - Type : ACT_GATHER_INFO |
| 2003-03-23 | Name : A remote web application can be used to forge data. File : php_mail_func_header_spoof.nasl - Type : ACT_GATHER_INFO |
| 2002-07-22 | Name : Arbitrary code may be run on the remote host. File : php_4_2_x_malformed_POST.nasl - Type : ACT_DENIAL |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2024-02-02 01:02:03 |
|
| 2024-02-01 12:01:22 |
|
| 2023-09-05 12:01:57 |
|
| 2023-09-05 01:01:13 |
|
| 2023-09-02 12:01:58 |
|
| 2023-09-02 01:01:13 |
|
| 2023-08-12 12:02:21 |
|
| 2023-08-12 01:01:14 |
|
| 2023-08-11 12:02:03 |
|
| 2023-08-11 01:01:15 |
|
| 2023-08-06 12:01:53 |
|
| 2023-08-06 01:01:14 |
|
| 2023-08-04 12:01:57 |
|
| 2023-08-04 01:01:14 |
|
| 2023-07-14 12:01:55 |
|
| 2023-07-14 01:01:15 |
|
| 2023-03-29 01:01:54 |
|
| 2023-03-28 12:01:20 |
|
| 2022-10-11 12:01:43 |
|
| 2022-10-11 01:01:07 |
|
| 2021-05-04 12:01:44 |
|
| 2021-04-22 01:01:52 |
|
| 2020-05-23 00:15:03 |
|
| 2019-06-08 12:01:08 |
|
| 2017-10-10 09:23:24 |
|
| 2016-10-18 12:01:03 |
|
| 2016-06-28 14:59:48 |
|
| 2014-02-17 10:24:59 |
|
| 2013-05-11 12:11:21 |
|
