Project InfoSponsor & PartnerInstalling ispCPFAQDocumentationDevelopment
Current time: 09-28-2024, 04:40 AM Hello There, Guest! (LoginRegister)

ispCP - Board - Support / ispCP Omega Development Area / Small Talk v / PMA Security vulnerability ?

Post Reply 
PMA Security vulnerability ?
Author Message
joximu Offline
helper
*****
Moderators

Posts: 7,024
Joined: Jan 2007
Reputation: 92
Post: #8
RE: PMA Security vulnerability ?
Well I'm still not quite sure.
docu in pma:
> In cookie mode, the password is stored, encrypted with the blowfish
> algorithm, in a temporary cookie

I don't say it's easy to break in but I think it'd be better if the blowfish_secret is not the same in all installations...

When I have some time, I'll try to test that. I the Cookies I have user and passwd - encryted, now I have to analyze how pma does decrypt theese things and then we'll see.

And then we make the test: you give me the cookie data of your pma and I'll try to get the password in cleartext...
05-31-2007 08:33 AM
Visit this user's website Find all posts by this user Quote this message in a reply
Post Reply 


Messages In This Thread
PMA Security vulnerability ? - BeNe - 05-30-2007, 07:11 PM
RE: PMA Security vulnerability ? - joximu - 05-30-2007, 07:47 PM
RE: PMA Security vulnerability ? - BeNe - 05-30-2007, 11:34 PM
RE: PMA Security vulnerability ? - RatS - 05-31-2007, 02:22 AM
RE: PMA Security vulnerability ? - BeNe - 05-31-2007, 02:40 AM
RE: PMA Security vulnerability ? - joximu - 05-31-2007, 03:23 AM
RE: PMA Security vulnerability ? - RatS - 05-31-2007, 07:30 AM
RE: PMA Security vulnerability ? - joximu - 05-31-2007 08:33 AM
RE: PMA Security vulnerability ? - raphael - 05-31-2007, 10:17 AM
RE: PMA Security vulnerability ? - raphael - 05-31-2007, 11:22 AM
RE: PMA Security vulnerability ? - joximu - 05-31-2007, 05:07 PM
RE: PMA Security vulnerability ? - BeNe - 05-31-2007, 11:12 PM
RE: PMA Security vulnerability ? - raphael - 06-01-2007, 10:21 AM

Forum Jump:


User(s) browsing this thread: 1 Guest(s)

Contact Us | isp Control Panel ( ispCP ) | Return to Top | Return to Content | Lite (Archive) Mode | RSS Syndication