5 matches found
EUVD-2007-0537
Malware in sbrugna...
CVE-2007-0539
The wpremotefopen function in WordPress before 2.1 allows remote attackers to cause a denial of service bandwidth or thread consumption via pingback service calls with a source URI that corresponds to a large file, which triggers a long download session without a timeout constraint...
CVE-2007-0539
The CVE-2007-0539 entry concerns WordPress prior to 2.1, where the wp_remote_fopen function can be abused by remote pingback calls that reference a very large file. This triggers a long download session without a timeout, enabling a denial of service (bandwidth or thread consumption). Connected s...
WordPress <= 2.0 - Denial of Service Attacks
The wpremotefopen function allows the attackers to cause a denial of service attacks via pingback service calls. Solution Update the WordPress to the latest available version at least 2.0.1...
Wordpress Pingback SourceURI拒绝服务和信息泄露漏洞
Wordpress是一款基于WEB的网络日记应用程序。 Wordpress包含的XMLRPC和Pingback存在多个问题,远程攻击者可以利用漏洞进行拒绝服务攻击或者获得敏感信息。 Wordpress处理Pingback机制存在问题,发送恶意请求可导致拒绝服务攻击。 另外由于在传递给wpremotefopen函数时对sourceURI参数缺少过滤,可导致指定非HTTP资源来读取类似本地文件或者FTP源的信息。特定情况下,恶意用户可判断部分文件是否存在在系统中。 WordPress Wordpress B2 0.6.2 .1 WordPress Wordpress B2 0.6.2...