Welcome to WebmasterWorld Guest from 54.167.185.18

Forum Moderators: Ocean10000 & incrediBILL

Message Too Old, No Replies

Indy Library

   
12:21 pm on Sep 14, 2012 (gmt 0)

WebmasterWorld Senior Member wilderness is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



This thing been around for ages.
Not sure that I've even seen one in the past six months.

I'm more curious about the vulnerability (search) term?
Anybody have a clue?

80.82.68.83 - - [14/Sep/2012:11:05:53 +0100] "GET /?author=1 HTTP/1.1" 403 559 "-" "Mozilla/3.0 (compatible; Indy Library)"


author= one thru ten was requested.
4:55 am on Sep 15, 2012 (gmt 0)



There's a mention about the user enumeration on WordPress here:
[question-defense.com...]

It's adviced to block it via .htaccess


WordPress 3.3.1 User Count Enumeration - WordPress version 3.3.1 suffers from a user count enumeration vulnerability.
[packetstormsecurity.org...]

WordPress UserId & Username Enumeration Exploit/PoC Script
[riyazwalikar.com...]

Wordpress Brute Force and User Enumeration Utility
[metasploit.com...]
9:29 am on Sep 15, 2012 (gmt 0)

WebmasterWorld Senior Member wilderness is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



"There's a mention about the user enumeration on WordPress here: "

Many thanks.

That fits, as per other WP vulnerability checks from other IP's and UA's.
3:52 am on Sep 17, 2012 (gmt 0)



You're welcome :)