Description
CRLF injection vulnerability in BSMTP.DLL in B21Soft BASP21 2003.0211, and BASP21 Pro 1.0.702.27 and earlier, allows remote attackers to inject arbitrary headers into e-mail messages via CRLF sequences in Subject lines.
Affected products
- b21soft / basp211.0.702.27
- b21soft / basp212003.0211 – 2003.0211
References
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/33211
- MISChttp://www.hi-ho.ne.jp/babaq/basp21.html
- MISChttp://osvdb.org/34495
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2007/1113
- MISChttp://www.securityfocus.com/bid/23134
- MISChttp://jvn.jp/jp/JVN%2386092776/index.html
- VENDOR_ADVISORYhttp://secunia.com/advisories/24652