[wp-hackers] Wordpress Cookie Authentication Vulnerability
les at lcb.me.uk
Tue Nov 20 07:33:26 GMT 2007
<puts network admin hat on>
"A remote attacker, with read access to the password database can gain
Yes, the same is true for a lot of computer systems. It's not generally
viewed as a vulnerability in itself....
Les Bessant les at lcb.me.uk
Losing it - http://lcb.me.uk
My flickr pictures - http://flickr.com/photos/lesbessant/
> -----Original Message-----
> From: wp-hackers-bounces at lists.automattic.com [mailto:wp-hackers-
> bounces at lists.automattic.com] On Behalf Of Computer Guru
> Sent: 20 November 2007 07:12
> To: wp-hackers at lists.automattic.com
> Subject: Re: [wp-hackers] Wordpress Cookie Authentication Vulnerability
> You've got to be kidding me!
> I read the first five words then burst out laughing:
> "With read-only access to the Wordpress database"...
> Once you've got read-only access to a database, how much more
> vulnerable do
> you want?
> On 11/20/07, Santanu Misra <santanu.misra at gmail.com> wrote:
> > Not sure if this is discussed already.
> > http://lwn.net/Articles/259204/
> > -- Thanks
> > _______________________________________________
> > wp-hackers mailing list
> > wp-hackers at lists.automattic.com
> > http://lists.automattic.com/mailman/listinfo/wp-hackers
> Computer Guru
> NeoSmart Technologies
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
More information about the wp-hackers