If it's connected to the Internet, it's already got an exploit ;)
On Wed, Aug 31, 2011 at 12:26 PM, Ben McGinnes <[email protected]> wrote: > On 31/08/11 4:30 PM, Jacqui Caren-home wrote: > > is running wordpress 3.2.1 > > > > This lahore based spammer is running a PPC link blog and is pushing his > crap > > all over the social networks right now and has just appeared in my work > > spamtraps from botnett'd systems. > > > > Anyone know if the above site has any known exploits? > > > > Note the hosting company has been notified, so expect any attacks/tests > to be monitored. > > If they don't have the PHP floating point DOS attack workaround > plug-in installed then that might be a vector. > > https://core.trac.wordpress.org/ticket/16097 > > http://www.exploringbinary.com/php-hangs-on-numeric-value-2-2250738585072011e-308/ > > It also depends on which version of PHP they're running and whether > it's been fixed yet (it's a PHP bug rather than a WordPress one). > > > Regards, > Ben > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ >
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
