Lucene search

K
ubuntucveUbuntu.comUB:CVE-2005-2431
HistoryAug 03, 2005 - 12:00 a.m.

CVE-2005-2431

2005-08-0300:00:00
ubuntu.com
ubuntu.com
9

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.003 Low

EPSS

Percentile

67.3%

The (1) lost password and (2) account pending features in GForge 4.5 do not
properly set a limit on the number of e-mails sent to an e-mail address,
which allows remote attackers to send a large number of messages to
arbitrary e-mail addresses (aka mail bomb).

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.003 Low

EPSS

Percentile

67.3%

Related for UB:CVE-2005-2431