___/ On Fri 10 Mar 2006 06:34:55 GMT, [ Robert Deaton ] wrote : \___
On 3/10/06, Craig <nuclearmoose@xxxxxxxxx> wrote:
So, you're saying this isn't a vulnerability?
No more of a vulnerability than the fact that I can visit your front
page a kajillion times in rapid succession from more than one computer
all at the same time.
As I said in wp-hackers, if brute-force attacks finally count as
vulnerabilities, expect more of the same after the release of 2.0.2. To
quote:
,----[ Snippet ]
| 2) "Compromise by an extended Brute Force attack is not a CVE
| vulnerability." (Brute Force Exception)
|
| [...]
|
| 3) "A denial of service in a client that is easy to recover from, is
| not a CVE vulnerability." (Client-Side Denial of Service Exception)
`----
Source: http://www.cve.mitre.org/board/archives/1999-07/msg00146.html
___/ On Fri 10 Mar 2006 06:36:31 GMT, [ Craig ] wrote : \___
So if you did that, and I had AdSense, I'd be rich, right? :^)
That is yet another growing concern:
http://news.bbc.co.uk/1/hi/technology/4787474.stm
which, among other malice, leads to:
http://www.whatistheword.com/story/Money_722.html
Don't expect attackers to make *you* richer. However, some of them can drain
the competition out of money, which benefits Webmasters in the process.
|