Wednesday, August 6, 2014

XML Vulnerability that can take down an entire website or server almost instantly.



(From the article)

Impacts the popular website platforms WordPress and Drupal.

The vulnerability uses a well-known XML Quadratic Blowup Attack — and when executed, it can take down an entire website or server almost instantly.

This is a big deal because WordPress and Drupal are used by millions of websites. The latest statistics from the World Wide Web Consortium (WC3) show WordPress alone powers nearly 23% of the web.

The XML vulnerability Goldshlager discovered affects WordPress versions 3.5 to 3.9 (the current version) and works on the default installation. It affects Drupal versions 6.x to 7.x (the latest version) and also works on the default installation.

When the vulnerability is exploited, the results can basically render a website or web server unusable. The vulnerability can cause 100% CPU and RAM usage, cause the server to become unavailable and also create a Denial of Service attack on the MySQL database program.

The good news is that both WordPress and Drupal have released patches for their applications. 

The link below has more information:

http://mashable.com/2014/08/06/wordpress-xml-blowup-dos/
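
A pre-parse guard for the entity-expansion problem the article names, added here as an example (it is not code from the article, WordPress or Drupal): it estimates how large an XML document becomes once its internal entities are expanded and refuses anything over a budget. The function names, the 1,000,000-character budget and the sample document are assumptions constructed for illustration.

```python
import re

# Internal general entities only: <!ENTITY name "value">. Parameter (%) and
# external (SYSTEM/PUBLIC) entities are out of scope for this size estimate.
ENTITY_DECL = re.compile(r'<!ENTITY\s+([\w.:-]+)\s+(?:"([^"]*)"|\'([^\']*)\')\s*>')
ENTITY_REF = re.compile(r'&([\w.:-]+);')
MAX_EXPANDED_CHARS = 1_000_000  # assumed budget; tune per endpoint


def expanded_size(xml_text):
    """Estimate the character count after expanding all internal entities."""
    decls = {}
    for m in ENTITY_DECL.finditer(xml_text):
        value = m.group(2) if m.group(2) is not None else m.group(3)
        decls.setdefault(m.group(1), value)  # XML rule: first declaration wins
    cache = {}  # entity name -> fully expanded length

    def size_of(text, stack):
        total = len(text)
        for name in ENTITY_REF.findall(text):
            if name not in decls:
                continue  # predefined (&amp;) or undeclared: keep literal length
            if name in stack:
                raise ValueError("recursive entity reference: " + name)
            if name not in cache:
                cache[name] = size_of(decls[name], stack | {name})
            total += cache[name] - (len(name) + 2)  # swap "&name;" for its value
        return total

    # Count references in the document with the declarations themselves removed.
    return size_of(ENTITY_DECL.sub("", xml_text), frozenset())


def within_budget(xml_text, max_chars=MAX_EXPANDED_CHARS):
    """True if the document may be handed to the real XML parser."""
    try:
        return expanded_size(xml_text) <= max_chars
    except (ValueError, RecursionError):
        return False


# Constructed sample: one 50-character entity referenced 40 times.
SAMPLE = ('<!DOCTYPE r [<!ENTITY a "' + "x" * 50 + '">]><r>'
          + "&a;" * 40 + "</r>")

if __name__ == "__main__":
    print(len(SAMPLE), "chars on the wire ->", expanded_size(SAMPLE), "expanded")
    print("accepted with a 1000-char budget:", within_budget(SAMPLE, 1000))
```

A check like this belongs in front of endpoints that accept XML from untrusted clients; the durable fix remains the WordPress and Drupal patches mentioned above.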
