Browse dokuwiki: This Month's Archive • Main Archive Page • Related posts • Previous by Date • Next by Date

[dokuwiki] Re: attempt to use possible vulnerability of dokuwiki

From: Jonathan Dill <jonathan@xxxxxxxxx>
To: dokuwiki@xxxxxxxxxxxxx
Date: Wed, 06 Feb 2008 13:15:34 -0500

I plugged in some of the "search" strings at random to Google and thereare thousands of reports of this type of activity, it does not appear tobe targeted at dokuwiki, but any type of website. Some people havereported a Denial of Service with 20+ per second of this type ofactivity. I have not found a good explanation yet of what they appearto be trying to exploit.

For dokuwiki, the most common thing that I would expect is a POST withsome sort of spamming or defacement, not a GET. Offhand, I would guessit is some type attempt at Buffer Overrun (BO) but I don't know what theactual target is.


Jonathan
--
DokuWiki mailing list - more info at
http://wiki.splitbrain.org/wiki:mailinglist

Follow-Ups:

[dokuwiki] Re: attempt to use possible vulnerability of dokuwiki
From: Wes

[dokuwiki] Re: attempt to use possible vulnerability of dokuwiki
From: Jonathan Dill

References:
- [dokuwiki] attempt to use possible vulnerability of dokuwiki
  - From: gstat1

Other related posts:

[dokuwiki] attempt to use possible vulnerability of dokuwiki

[dokuwiki] Re: attempt to use possible vulnerability of dokuwiki