> IMO not validating the expiration date format is one of the main > errors here. Or does WP strive to be Y10K compliant?? In the article, I was trying to steer clear of providing complete, exploitable details while still giving more details than the advisory. I believe the expiration is actually the number of seconds since the epoch, which may be easier to exploit and still validate as a reasonable expiration. jake
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds