Re: HYSA-2006-008 myBloggie 2.1.3 CRLF & SQL Injection

["Steven M. Christey" <coley () mitre org>]

> --==CRLF injection==--
>
> GET /mybloggie/ HTTP/1.0
> Accept: */*
> User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
> Host: 127.0.0.1:80
> Cookie: PHPSESSID=op0-11{}};q, or something like that
> Connection: Close


This demonstration code does not contain any carriage return / line
feed sequences.  What is the nature of the CRLF injection?  Or are you
talking about a different kind of vulnerability?  What source code
shows where the issue is?


Thanks,
Steve