WordPress <= 4.0 - Long Password Denial of Service (DoS)

Affects WordPresses

fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1
fixed in version 4.0.1

References

CVE 2014-9034
EXPLOITDB 35413
EXPLOITDB 35414
METASPLOIT auxiliary/dos/http/wordpress_long_password_dos
URL http://www.behindthefirewalls.com/2014/11/wordpress-denial-of-service-responsible-disclosure.html
URL https://wordpress.org/news/2014/11/wordpress-4-0-1/

Classification

Type DOS
CWE CWE-400

Miscellaneous

Submitter ethicalhack3r
Submitter Website https://dewhurstsecurity.com/
Submitter Twitter ethicalhack3r
Views 13708
Verified Yes
WPVDB ID 7681

Timeline

Publicly Published 2014-11-20 (almost 5 years ago)
Added 2014-11-20 (almost 5 years ago)
Last Updated 2018-08-29 (about 1 year ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin