On Mon, Feb 10, 2014 at 8:02 AM, MustLive <mustl...@websecurity.com.ua>wrote: > > There is DoS vulnerability in WordPress, <snip>
As pointed out by others, this is unbearably vague. But it's also invalid. Your "attack" requires that a maintenance script to repair tables is left open for anyone to access. The constant that you point out must be set, WP_ALLOW_REPAIR, is only there so a user can access this script, run the script, then remove the constant (as the script instructs). Your suggestion appears to be to validate the logged-in user. But because this script is to fix a *corrupt database,* we would have no way of authenticating users. Thus, the script is instead secured by a temporary configuration change. Aris mentions he experienced corruption in his own WordPress setup. It's most likely the options table simply crashed, not as a result of any particular exploit. This is, after all, why MySQL has a REPAIR command (and why we have a script for users to use). I have read to quite a few of your "attacks" against WordPress core, but I don't recall ever reading a valid one. Perhaps for WordPress issues you should switch from "full disclosure" to a more responsible course of action, such as contacting us first ( secur...@wordpress.org) so we can evaluate it. I understand the general appeal of full disclosure, but when all you're doing is publishing invalid vulnerabilities, it's only spreading FUD and also making it tough for others to take any of your "attacks" seriously. This mailing list would probably appreciate the higher signal-to-noise ratio. Regards, Andrew Nacin Lead Developer WordPress
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
