Sourceforge Brute Force Attack Vulnerability
I want to share my finding "Sourceforge Brute Force" Attack Sourceforge.com which I have reported to Source Forge Security Team on 25th October 2013.
I want to share my finding "Sourceforge Brute Force" Attack Sourceforge.com which I have reported to Source Forge Security Team on 25th October 2013.
While downloading a project i think that i should test the log in panel for brute force attack vulnerability On - https://sourceforge.net/account/login.php
After some analysis i have found that the there was no protection of login attempts or you can say Brute force attack ..
So i test the source forge log in panel i found something interesting.In my test i have tested 100 something attempts with my account bhati.contact@gmail.com