Openwall Project   /home  Owl  JtR  Pro  crypt  pam_passwdqc  tcb  phpass  scanlogd  popa3d  msulogin  /  Linux  BIND  /  advisories  presentations  /  services  donations  /  wordlists  passwords  /  NEWS  community  lists  Wiki  CVSweb  mirrors  signatures
bringing security into open environments
 
Password Recovery Resources on the Net
[<prev] [next>] [<thread-prev] [month] [year] [list] 
Date: Wed, 21 Oct 2009 13:24:48 -0400 (EDT)
From: Josh Bressers <bressers@...hat.com>
To: oss-security@...ts.openwall.com
Cc: Steven Christey <coley@...us.mitre.org>
Subject: Re: CVE request: Wordpress Trackback DoS

Please use CVE-2009-3622

Thanks.

-- 
    JB


----- "Hanno Böck" <hanno@...eck.de> wrote:

> http://seclists.org/fulldisclosure/2009/Oct/263
> http://security-sh3ll.blogspot.com/2009/10/wordpress-resource-exhaustion-
> denial-of.html
> 
> Original post (and credits to) seems to be this, it's not english:
> http://rooibo.wordpress.com/2009/10/17/agujero-de-seguridad-en-wordpress/
> 
> Upstream recognized and fixed in 2.8.5:
> http://wordpress.org/development/2009/10/wordpress-2-8-5-hardening-release/
> 
> -- 
> Hanno Böck		Blog:		http://www.hboeck.de/
> GPG: 3DBD3B20		Jabber/Mail:	hanno@...eck.de
> 
> http://schokokeks.org - professional webhosting

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ