Full Disclosure mailing list archives
Re: DoS via tables corruption in WordPress
From: Aris Adamantiadis <aris () 0xbadc0de be>
Date: Tue, 11 Feb 2014 14:46:13 +0100
Le 11/02/14 09:34, Andrew Nacin a écrit :
Aris mentions he experienced corruption in his own WordPress setup. It's most likely the options table simply crashed, not as a result of any particular exploit. This is, after all, why MySQL has a REPAIR command (and why we have a script for users to use).
This happened again last night. The mysql corruption was caused by an OOM random kill (thanks linux) that chose mysql daemon as a victim. The cause of the OOM was either wordpress or piwik, probably made possible through apache misconfiguration (too many children). I have yet to determine if that was an accident or an attack. If Mustlive has any real and concrete information (URL, exploit code), please share with us. Aris
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- DoS via tables corruption in WordPress MustLive (Feb 10)
- Re: DoS via tables corruption in WordPress Aris Adamantiadis (Feb 10)
- Re: DoS via tables corruption in WordPress Harry Metcalfe (Feb 10)
- Re: DoS via tables corruption in WordPress Andrew Nacin (Feb 11)
- Re: DoS via tables corruption in WordPress Aris Adamantiadis (Feb 11)
- Re: DoS via tables corruption in WordPress MustLive (Feb 12)
- Re: DoS via tables corruption in WordPress Harry Metcalfe (Feb 12)
- Re: DoS via tables corruption in WordPress Aris Adamantiadis (Feb 12)
- Re: DoS via tables corruption in WordPress MustLive (Feb 12)
- Re: DoS via tables corruption in WordPress Harry Metcalfe (Feb 17)
- Re: DoS via tables corruption in WordPress Aris Adamantiadis (Feb 11)
- Re: DoS via tables corruption in WordPress Aris Adamantiadis (Feb 10)
- <Possible follow-ups>
- Re: DoS via tables corruption in WordPress Timothy Goddard (Feb 12)
- Re: DoS via tables corruption in WordPress MustLive (Feb 21)
- Re: DoS via tables corruption in WordPress jen140 (Feb 12)