CVE-2006-0631

Name of the Vulnerable Software and Affected Versions mailback versions (affected versions not specified)

Description The issue concerns a CRLF injection vulnerability in the mailback.pl script of Erik C. Thauvin's mailback. This vulnerability allows remote attackers to exploit mailback as a "spam proxy" by modifying mail headers. The modification can include changing recipient e-mail addresses via newline characters inserted in the Subject field.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.