[wp-testers] WordPress 2.0.1 Remote DoS Exploit?
Jeffrey Leung
curriegrad2004 at gmail.com
Fri Mar 10 05:54:28 GMT 2006
Ouch. That's a blow to WordPress Users.
On 3/9/06, Robert Deaton <false.hopes at gmail.com> wrote:
>
> For an FYI, this "vulnerability" was reported to trac March 5th. It
> was discussed on the #wordpress-dev IRC channel and it will be going
> unpatched, as its attack vector is tiny (registration is off by
> default), and WordPress is not the level that you should be handling
> denial-of-service attacks at, especially when the amount of code to
> change the exploit to using a DDOS with open proxies to kill your
> database twice as bad with the registration and writes would take
> about 10 minutes.
>
> On 3/9/06, steve caturan <scaturan at negimaki.com> wrote:
> > wow, that's great news!
> >
> > Craig wrote:
> > > Matt said yesterday in #wordpress that an independent third party was
> > > evaluating the changes made in 2.0.2 to ensure that they in fact work
> as
> > > designed.
> > >
> > > Craig.
> > > _______________________________________________
> > > wp-testers mailing list
> > > wp-testers at lists.automattic.com
> > > http://lists.automattic.com/mailman/listinfo/wp-testers
> > >
> > >
> > >
> >
> >
> > _______________________________________________
> > wp-testers mailing list
> > wp-testers at lists.automattic.com
> > http://lists.automattic.com/mailman/listinfo/wp-testers
> >
>
>
> --
> --Robert Deaton
> http://somethingunpredictable.com
>
> _______________________________________________
> wp-testers mailing list
> wp-testers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-testers
>
>
>
More information about the wp-testers
mailing list