Re: HYSA-2006-008 myBloggie 2.1.3 CRLF & SQL Injection

To: h4cky0u.org@xxxxxxxxx
Subject: Re: HYSA-2006-008 myBloggie 2.1.3 CRLF & SQL Injection
From: "Steven M. Christey" <coley@xxxxxxxxx>
Date: Thu, 27 Jul 2006 16:32:12 -0400 (EDT)
Cc: bugtraq@xxxxxxxxxxxxxxxxx
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

>--==CRLF injection==--
>
>GET /mybloggie/ HTTP/1.0
>Accept: */*
>User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
>Host: 127.0.0.1:80
>Cookie: PHPSESSID=op0-11{}};q, or something like that
>Connection: Close


This demonstration code does not contain any carriage return / line
feed sequences.  What is the nature of the CRLF injection?  Or are you
talking about a different kind of vulnerability?  What source code
shows where the issue is?


Thanks,
Steve

Prev by Date: Oracle 10g R2 and, probably, all previous versions
Next by Date: [USN-327-1] firefox vulnerabilities
Previous by thread: HYSA-2006-008 myBloggie 2.1.3 CRLF & SQL Injection
Next by thread: RadLance Local Inclusion Exploit
Index(es):
- Date
- Thread