Home page logo
/

bugtraq logo Bugtraq mailing list archives

more information about Phpnuke issue, postnuke vulnerable too !
From: Cabezon Aurélien <aurelien.cabezon () isecurelabs com>
Date: Thu, 22 Nov 2001 23:54:54 +0100

Hi list and phpnuke admin !

As you know now, according to little advisory/demonstration
http://www.isecurelabs.com/article.php?sid=230 i wrote yesturday, phpnuke
store Base64 encoded admin password in a cookie that can be stolen.
Know that postnuke 0.6.4 is also vulnerable cause postnuke store base64
encoded admin password in a cookie.

regards,

---
Cabezon Aurélien | aurelien.cabezon () isecurelabs com
http://www.iSecureLabs.com | French Security Portal


____________________________________________
" Sachez qu'aujourd'hui est le plus beau jour de votre vie,
car c'est le premier de ceux qu'il vous reste à vivre "


  By Date           By Thread  

Current thread:
  • more information about Phpnuke issue, postnuke vulnerable too ! Cabezon Aurélien (Nov 23)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault