[wp-trac] [WordPress Trac] #11685: Search flood exploit
WordPress Trac
wp-trac at lists.automattic.com
Fri Jan 1 19:34:25 UTC 2010
#11685: Search flood exploit
--------------------------+-------------------------------------------------
Reporter: scribu | Owner: ryan
Type: defect (bug) | Status: new
Priority: normal | Milestone: 3.0
Component: Security | Version:
Severity: normal | Keywords:
--------------------------+-------------------------------------------------
Just found this DOS attack:
http://packetstormsecurity.org/filedesc/WPd0s.sh.txt.html
It just makes a lot of requests with a random search string each time to
prevent caching plugins from doing their job.
Maybe WP should have some sort of flood protection against this?
--
Ticket URL: <http://core.trac.wordpress.org/ticket/11685>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list