Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Denial of Service in WordPress
From: Cool Hand Luke <coolhandluke () coolhandluke org>
Date: Sat, 29 Jun 2013 20:36:51 +0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 06/28, Julius Kivimäki wrote:
If one wants to conduct such attacks, would it not be a million times
easier for them to use infected hosts to do thousands of requests per
second? (Per computer). Can you come up with a scenario where this "attack"
would actually be useful?

no, he can't. there isn't such a scenario. this is one of those
situations where in theory he is correct but in reality this is simply
not an issue.

there are a thousand other attacks one could do that would be more
efficient and more effective (which others have been trying to explain
to him) but he refuses to listen and insists this is a major problem.

this is *not* an issue -- which is why everyone has been ignoring it for
5.5 years.

- -chl

- --
cool hand luke


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQF8BAEBCgBmBQJRz0VjXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ5RUE3NjY3OTY3NTE0RjAyMDgyRTNBQzAy
QkE2NTVENTVDODgzNUVCAAoJECumVdVciDXrtT4IAJwAnbWUWrzLXuX29QO9Wsk1
nWbwOF4t0QgPaCnQckwD9r6a5/EpUIjSRD00yweXjL12ZX4RobtI18tri+h2bor3
xq9PQgsHCLe1XdU4CSAmmKpVb7Bd5YJExxH/JQJbZQdQS/KNZFvdGBKHsN4O6WYr
E28H5kggpcBF1++iWp2WEBLdyoW9bGdRvtPukDkLOnLUGU28IAhxCtOlYGnjz1LE
QmQvT3U4325sOKNJCdCuw3kCYnEEHY3/PlVDd/uVEiWt9w8mVzzTbUI3rjwYVagM
VV9urMW9XnaaZ5VFQEUluh3jtofgfrd9d97/x/vSj2cuGMOSgvKbRg/T5XIg6JM=
=7+mT
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault