Hi list and phpnuke admin ! As you know now, according to little advisory/demonstration http://www.isecurelabs.com/article.php?sid=230 i wrote yesturday, phpnuke store Base64 encoded admin password in a cookie that can be stolen. Know that postnuke 0.6.4 is also vulnerable cause postnuke store base64 encoded admin password in a cookie. regards, --- Cabezon Aurélien | aurelien.cabezonat_private http://www.iSecureLabs.com | French Security Portal ____________________________________________ " Sachez qu'aujourd'hui est le plus beau jour de votre vie, car c'est le premier de ceux qu'il vous reste à vivre "
This archive was generated by hypermail 2b30 : Fri Nov 23 2001 - 15:07:39 PST