CVE-2009-1469

Severity: Unknown
EPSS: 2.55%

CVE-2009-1469 is a vulnerability of currently unknown severity: a CRLF injection in the Forgot Password implementation in server/webmail.php of IceWarp eMail Server and WebMail Server before 9.4.2, which lets a remote attacker inject a Reply-To header and trick a user into disclosing credentials (full details in the Description below). EPSS estimates a 2.55% chance of exploitation in the next 30 days.

Description

CRLF injection vulnerability in the Forgot Password implementation in server/webmail.php in IceWarp eMail Server and WebMail Server before 9.4.2 makes it easier for remote attackers to trick a user into disclosing credentials via CRLF sequences preceding a Reply-To header in the subject element of an XML document, as demonstrated by triggering an e-mail message from the server that contains a user's correct credentials, and requests that the user compose a reply that includes this message.

Metrics

EPSS probability: 2.55% (percentile: 83.1)

Probability of exploitation in the next 30 days.

Weakness Enumeration

Affected Software

Vendor    Product        Versions
Icewarp   Email Server   <= 9.3.0
Icewarp   Email Server   2.10.105
Icewarp   Email Server   2.10.110
Icewarp   Email Server   2.10.115
Icewarp   Email Server   2.10.140
Icewarp   Email Server   2.10.150
Icewarp   Email Server   2.10.165
Icewarp   Email Server   2.10.170
Icewarp   Email Server   2.10.190
Icewarp   Email Server   2.10.200
Icewarp   Email Server   2.10.210
Icewarp   Email Server   2.10.220
Icewarp   Email Server   2.10.240
Icewarp   Email Server   2.10.250
Icewarp   Email Server   2.10.260
Icewarp   Email Server   2.10.280
Icewarp   Email Server   2.10.290
Icewarp   Email Server   2.10.310
Icewarp   Email Server   2.10.320
Icewarp   Email Server   2.10.330
Icewarp   Email Server   2.10.331
Icewarp   Email Server   2.10.340
Icewarp   Email Server   2.10.350
Icewarp   Email Server   2.10.360
Icewarp   Email Server   3.00.100
Icewarp   Email Server   3.00.110
Icewarp   Email Server   3.00.120
Icewarp   Email Server   3.00.130
Icewarp   Email Server   3.00.140
Icewarp   Email Server   3.10.011
Icewarp   Email Server   3.10.110
Icewarp   Email Server   4.00.30
Icewarp   Email Server   4.2.1
Icewarp   Email Server   4.2.2
Icewarp   Email Server   4.2.3
Icewarp   Email Server   4.4.1
Icewarp   Email Server   4.4.2
Icewarp   Email Server   4.10.040
Icewarp   Email Server   4.10.050
Icewarp   Email Server   5.1.2
Icewarp   Email Server   5.1.3
Icewarp   Email Server   5.1.5
Icewarp   Email Server   5.3.0
Icewarp   Email Server   5.3.2
Icewarp   Email Server   5.4.1
Icewarp   Email Server   5.4.2
Icewarp   Email Server   5.4.3
Icewarp   Email Server   5.4.4
Icewarp   Email Server   5.5.3
Icewarp   Email Server   5.5.4

Showing 50 of 176 affected configurations. See NVD for the full list.

References

Timeline

Status: Modified

Frequently Asked Questions

What is CVE-2009-1469?
A CRLF injection vulnerability in the Forgot Password implementation in server/webmail.php of IceWarp eMail Server and WebMail Server before 9.4.2, which makes it easier for remote attackers to trick a user into disclosing credentials; see the Description section above for the full text.
How severe is CVE-2009-1469?
Severity scoring for CVE-2009-1469 is pending analysis. The EPSS model estimates a 2.55% probability of exploitation in the next 30 days.
How do I fix CVE-2009-1469?
Check the vendor references and advisories linked above for patched versions (9.4.2 or later) and mitigation guidance.


Source: NVD / NIST