eBay invites a self-generated DDoS
By permitting active content in auction listings, eBay has made it childishly simple to post the javascript that would cause a distributed denial of service attack *on* *eBay's* *own* *servers*.
Obviously I won't post the code, but the script would install a browser helper object that silently and invisibly opened a browser window (MSIE for example) on eBay's own search engine, and then generated a search for a random string every few seconds.
Removing the auction would not stop the BHOs that had already been installed on unsuspecting eBayers' computers, and therefor would not stop the DDoS. And since eBay refuses to restrict active content, the malicious coder(s) could open lots more such "auctions" and infect many thousands more computers. Only by blocking the source IPs of the infected computers - and thus blocking their own customers from accessing eBay - could the DDoS be mitigated somewhat.
Frankly, I'm surprised it hasn't already been done.