FreeBSD : gforge -- XSS and email flood vulnerabilities (d7cd5015-08c9-11da-bc08-0001020eed82)

Medium Nessus Plugin ID 56498


The remote FreeBSD host is missing a security-related update.


Jose Antonio Coret reports that GForge contains multiple Cross Site Scripting vulnerabilities and an e-mail flood vulnerability :

The login form is also vulnerable to XSS (Cross Site Scripting) attacks. This may be used to launch phising attacks by sending HTML e-mails (i.e.: saying that you need to upgrade to the latest GForge version due to a security problem) and putting in the e-mail an HTML link that points to an specially crafted url that inserts an html form in the GForge login page and when the user press the login button, he/she send the credentials to the attackers website.

The 'forgot your password?' feature allows a remote user to load a certain URL to cause the service to send a validation e-mail to the specified user's e-mail address. There is no limit to the number of messages sent over a period of time, so a remote user can flood the target user's secondary e-mail address. E-Mail Flood, E-Mail bomber.


Update the affected package.

See Also

Plugin Details

Severity: Medium

ID: 56498

File Name: freebsd_pkg_d7cd501508c911dabc080001020eed82.nasl

Version: $Revision: 1.4 $

Type: local

Published: 2011/10/14

Modified: 2013/06/22

Dependencies: 12634

Risk Information

Risk Factor: Medium


Base Score: 5

Temporal Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Temporal Vector: CVSS2#E:H/RL:U/RC:ND

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:gforge, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Exploit Available: true

Exploit Ease: No exploit is required

Patch Publication Date: 2005/08/09

Vulnerability Publication Date: 2005/07/27

Reference Information

CVE: CVE-2005-2430, CVE-2005-2431

BID: 14405