Difference between revisions of "WAF 390639"

From Atomicorp Wiki
Jump to: navigation, search
(Created page with ''''Rule ID''' 390639 '''Alert Message''' Atomicorp.com WAF Rules - Just In Time Patch: WordPress trackback resource exhaustion attack '''Description''' This rules detec…')
 
m
 
Line 17: Line 17:
 
'''Similar Rules'''
 
'''Similar Rules'''
  
 +
[[WAF_390640]]
  
 
'''Outside References'''
 
'''Outside References'''
  
CVE-2009-3622 WordPress: Resource exhaustion (DoS)  http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3622
+
CVE-2009-3622 WordPress: Resource exhaustion (DoS)  http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3622

Latest revision as of 18:45, 4 May 2010

Rule ID

390639

Alert Message

Atomicorp.com WAF Rules - Just In Time Patch: WordPress trackback resource exhaustion attack

Description

This rules detects a specific type of resource exhaustion attack on wordpress, or a blind attack on WordPress (for example if wordpress is not installed on the system). WordPress versions prior to 2.8.5 have a vulnerability where an attacker can cause a denial of service to the server. This issue is caused by an error in the "wp-trackbacks.php" script which can be exploited to exhaust all available system resources, creating a denial of service condition.

False Positives

There are no known False Positives for this, however if you believe this is a false positive, it is recommended that you report this to our security team can determine if this is a legitimate case, or if its clever attack on your system and that you not disable this rule until our security team has reviewed the attack. Instructions to report false positives are detailed on the Reporting False Positives wiki page.

Similar Rules

WAF_390640

Outside References

CVE-2009-3622 WordPress: Resource exhaustion (DoS) http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3622

Personal tools