[wp-trac] [WordPress Trac] #21420: Login without salted MD5 Password
WordPress Trac
wp-trac at lists.automattic.com
Mon Jul 30 14:38:36 UTC 2012
#21420: Login without salted MD5 Password
--------------------------+-----------------------
 Reporter:  shubhamoy     |       Owner:
     Type:  defect (bug)  |      Status:  reopened
 Priority:  normal        |   Milestone:
Component:  General       |     Version:  3.4.1
 Severity:  normal        |  Resolution:
 Keywords:  close         |
--------------------------+-----------------------
Comment (by nacin):
Replying to [comment:5 shubhamoy]:
Let me adjust that for you:
> An attacker places a SymLink Attack on the server and reads the
> wp-config.php of a wordpress powered site. After that accesses the database,
> updates the wp_users table with "$P$B.Vpi0aAjSqYg6AILPxrXemVw6Xysa1". Logs
> into admin panel and then takes over the website. Now the feature for the
> ease of user who forgets the password gets exploited.
How is that any different? The server is still compromised either way.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/21420#comment:7>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software