I’m using the latest version of WordPress and was able to DoS my server up to >45 load averages with it.
It seems to be an issue in wp-trackback.php
I made a quick blog post about it, and included a temporary work around at:
Update: I posted a quick little fix and tested it for this DoS.
- The topic ‘Exploit/dos against latest version 2.8.4’ is closed to new replies.