More information about the Underscore mailing list

[_] header injection attack

Jack Rose jacklists at
Wed Nov 12 15:56:56 GMT 2008

I notice that the site is hosted with Servage - I've had the same
thing happen with sites hosted on 3 different accounts with them and
spoken to a few other people that have had similar problems with sites
hosted by Servage.

A quick google search came up with a load of people complaining about
similar problems including this thread on sitepoint

I changed hosts and I'd recommend doing the same.

On Wed, Nov 12, 2008 at 11:45 AM, s'unya <sunya.dickman at> wrote:
> Apologies if this mail did go through earlier - I had imap controls on in
> gmail and had a queer response from the mailman.
> I just noticed that one of the sites I built a while back has had what I
> think is a header injection ( - view bottom of
> source). I can't work out where it is happening, does anyone have any tips
> on how to analyse where the vulnerability is?
> Help much appreciated.
> --
>                     o
>           o                 o
>               O   O   O
>     o  o   O s´unya O   o  o
> --
> underscore_ list info/archive ->