[wp-hackers] Wordpress Cookie Authentication Vulnerability
Bob
wp-hackers at nj-arp.org
Tue Nov 20 16:46:02 GMT 2007
I'm not a security weenie, but it seems to me you wouldn't even need an
exploit. Unless you're running SSL, the hashed password is sent in the
clear, so a hacker can get the hashed password and then exploit this cookie
vulnerability.
----- Original Message -----
From: "Ryan Boren" <ryan at boren.nu>
To: <wp-hackers at lists.automattic.com>
Sent: Tuesday, November 20, 2007 2:41 AM
Subject: Re: [wp-hackers] Wordpress Cookie Authentication Vulnerability
> On 11/19/07, Computer Guru <computerguru at neosmart.net> wrote:
>> You've got to be kidding me!
>>
>> I read the first five words then burst out laughing:
>> "With read-only access to the Wordpress database"...
>>
>> Once you've got read-only access to a database, how much more vulnerable
>> do
>> you want?
>
> Yeah, it's not a vulnerability in and of itself. But, in the event
> your site is compromised (cough -- WP exploits -- cough), these
> measures would prevent someone slurping your password hashes and doing
> naughty things with them after you've patched whatever hole was
> exploited. If we can add these extra measures cheaply, they can be
> handy when cleaning up after an exploit.
>
> Ryan
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers
>
More information about the wp-hackers
mailing list