[wp-trac] Re: [WordPress Trac] #5367: Wordpress cookie
authentication vulnerability
WordPress Trac
wp-trac at lists.automattic.com
Wed Nov 21 13:51:53 GMT 2007
#5367: Wordpress cookie authentication vulnerability
-------------------------------------+--------------------------------------
Reporter: sjmurdoch | Owner: anonymous
Type: defect | Status: new
Priority: normal | Milestone: 2.4
Component: Security | Version: 2.3.1
Severity: normal | Resolution:
Keywords: security, password, md5 |
-------------------------------------+--------------------------------------
Comment (by sjmurdoch):
Eduardo Tongson posted a helpful [http://lists.grok.org.uk/pipermail/full-
disclosure/2007-November/058611.html message to full-disclosure] pointing
to two papers on cookie authentication. I strongly recommend reading these
before implementing any changes.
--
Ticket URL: <http://trac.wordpress.org/ticket/5367#comment:12>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list