Network Security News – Friday, February 10, 2006 Events
phpBB gen_rand_string() Predictable RNG Weakness
phpBB contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is caused by a poor seeding of the pseudorandom number generator when handling forgotten password requests. This flaw may lead to a loss of confidentiality or integrity.. Read more at osvdb.org/22949
Leave a Reply