E-mail Header Injection Vulnerabilities
نویسندگان
چکیده
E-mail Header Injection vulnerability is a class of vulnerability that can occur inweb applications that use user input to construct e-mailmessages. E-mail Header Injection is possiblewhen themailing script fails to check for the presence of e-mail headers in user input (either form fields or URL parameters). The vulnerability exists in the reference implementation of the built-in mail functionality in popular languages such as PHP, Java, Python, and Ruby. With the proper injection string, this vulnerability can be exploited to inject additional headers, modify existing headers, and alter the content of the e-mail.
منابع مشابه
On automated prepared statement generation to remove SQL injection vulnerabilities
0950-5849/$ see front matter 2008 Elsevier B.V. A doi:10.1016/j.infsof.2008.08.002 * Corresponding author. Tel.: +1 919 513 4151. E-mail addresses: [email protected] ncsu.edu (L. Williams), [email protected] (T. Xie). Since 2002, over 10% of total cyber vulnerabilities were SQL injection vulnerabilities (SQLIVs). This paper presents an algorithm of prepared statement replacement for rem...
متن کاملR Eview on Ip V 6 S Ecurity V Ulnerability I Ssues and M Itigation
One of the main purposes of Internet Protocol version 6 (IPv6) developments was to solve the IP address depletion concern due to the burgeoning growth of the Internet users. The new Internet protocol provides end-to-end communication, enhanced security and extensibility apart from the other features such as address auto-configuration or plug-and-play and faster packet processing in the routers....
متن کاملInternational Journal of Advance Research and Innovation
In today‘s world the explosive growth of the Internet has brought many good things such as E-commerce-banking, E-mail, Cloud Computing. Most organizations, governments are linked to the internet in some way or the other, but the question arises ̳how safe are they‘. There is also a Dark side to all the progress such as Hack-ing, creation of Backdoors, phishing etc.This paper elucidates in brief ...
متن کاملTechnology Corner: Analysing E-mail Headers For Forensic Investigation
Electronic Mail (E-Mail), which is one of the most widely used applications of Internet, has become a global communication infrastructure service. However, security loopholes in it enable cybercriminals to misuse it by forging its headers or by sending it anonymously for illegitimate purposes, leading to e-mail forgeries. E-mail messages include transit handling envelope and trace information i...
متن کاملExploiting E-mail Structure to Improve Summarization
This paper presents the design and implementation of a system to summarize e-mail messages. The system exploits two aspects of e-mail, thread reply chains and commonly-found features, to generate summaries. The system uses existing software designed to summarize single text documents. Such software typically performs best on well-authored, formal documents. E-mail messages, however, are typical...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- it - Information Technology
دوره 59 شماره
صفحات -
تاریخ انتشار 2017