[wp-trac] Re: [WordPress Trac] #5367: Wordpress cookie authentication vulnerability

WordPress Trac wp-trac at lists.automattic.com
Tue Dec 11 12:42:16 GMT 2007

#5367: Wordpress cookie authentication vulnerability
 Reporter:  sjmurdoch                |        Owner:  westi   
     Type:  defect                   |       Status:  assigned
 Priority:  normal                   |    Milestone:  2.4     
Component:  Security                 |      Version:  2.3.1   
 Severity:  normal                   |   Resolution:          
 Keywords:  security, password, md5  |  
Comment (by sjmurdoch):

 Replying to [comment:41 ryan]:
 > Even with a block cipher we still have to worry about someone getting
 the key if it is stored in the DB, yes?

 The rough idea I was thinking of is storing the encrypted hash of the
 password in the cookie, and the double hash in the database. Then if an
 attacker can read the key and double-hash, they can still not generate a
 valid cookie.

 > Don't know if it's any good.
 > http://www.jonasjohn.de/snippets/php/md5-based-block-cipher.htm

 It looks a bit weird (it's not CFB, like it says and it's not quite OFB
 either). Maybe it works though, but it needs more thought.

Ticket URL: <http://trac.wordpress.org/ticket/5367#comment:42>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software

More information about the wp-trac mailing list