Slashdot Mirror

← Back to Stories (view on slashdot.org)

13-Year-Old Password Security Bug Fixed

Posted by timothy on Monday June 20, 2011 @11:48AM from the not-13-year-old's dept.

arglebargle_xiv writes "In a sign that many eyes don't really make (security) bugs shallow, a thirteen-year-old password-hashing bug that affects (at least) PHP, some Linux distros (Owl, ALT Linux, SUSE), and a variety of other apps has just been patched. This problem had been present in widely-used code since 1998 without anyone noticing it." Better late than never; reader Trailrunner7 points to this article outlining the dangers of old exploits, given old code for them to toy with.

2 of 130 comments (clear)

Min score:

Reason:

Sort:

Re:Not unprecedented by martin-boundary · 2011-06-20 12:05 · Score: 1, Funny

Exactly. In Windows, you'd simply be told to reboot frequently enough so the password bug doesn't get triggered :)
Re:Come on, it's PHP by A+beautiful+mind · 2011-06-20 12:54 · Score: 2, Funny

I'm an advanced slashdot user, I don't even read the summary anymore.

--
It takes a man to suffer ignorance and smile
Be yourself no matter what they say