[wpmu-trac] [WordPress MU Trac] #1183: Invalid feed URL in RSS widget causes Apache crash on Windows 2003
WordPress MU Trac
wpmu-trac at lists.automattic.com
Thu Dec 17 22:47:16 UTC 2009
#1183: Invalid feed URL in RSS widget causes Apache crash on Windows 2003
--------------------------+-------------------------------------------------
Reporter: LanceGrigsby | Owner: somebody
Type: defect | Status: new
Priority: high | Milestone: 2.8.6
Component: component1 | Version: 2.8.6
Severity: major | Keywords: Apache, RSS, URL validation
--------------------------+-------------------------------------------------
If a user in a WordPress MU installation mistakenly uses his or her base
blog URL as the feed address in an RSS widget without appending ../feed/,
an infinite loop is created when clients request the URL over the net--the
result is that Apache monopolizes all CPU memory, causing a web server
crash. This occurs on Windows 2003 servers running Apache 2.2. The fact
that this is possible highlights a potential weakness in the way the WPMU
core validates its feed URLs.
--
Ticket URL: <http://trac.mu.wordpress.org/ticket/1183>
WordPress MU Trac <http://mu.wordpress.org/>
WordPress Multiuser
More information about the wpmu-trac
mailing list