Full Disclosure mailing list archives
Re: http://www.bestcareersopportunities.com/
From: Christian Sciberras <uuf6429 () gmail com>
Date: Wed, 31 Aug 2011 12:55:14 +0200
If it's connected to the Internet, it's already got an exploit ;) On Wed, Aug 31, 2011 at 12:26 PM, Ben McGinnes <ben () adversary org> wrote:
On 31/08/11 4:30 PM, Jacqui Caren-home wrote:is running wordpress 3.2.1 This lahore based spammer is running a PPC link blog and is pushing hiscrapall over the social networks right now and has just appeared in my work spamtraps from botnett'd systems. Anyone know if the above site has any known exploits? Note the hosting company has been notified, so expect any attacks/teststo be monitored. If they don't have the PHP floating point DOS attack workaround plug-in installed then that might be a vector. https://core.trac.wordpress.org/ticket/16097 http://www.exploringbinary.com/php-hangs-on-numeric-value-2-2250738585072011e-308/ It also depends on which version of PHP they're running and whether it's been fixed yet (it's a PHP bug rather than a WordPress one). Regards, Ben _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- http://www.bestcareersopportunities.com/ Jacqui Caren-home (Aug 30)
- Re: http://www.bestcareersopportunities.com/ Ben McGinnes (Aug 31)
- Re: http://www.bestcareersopportunities.com/ Christian Sciberras (Aug 31)
- Re: http://www.bestcareersopportunities.com/ James Voss (Aug 31)
- Re: http://www.bestcareersopportunities.com/ Ben McGinnes (Aug 31)