PHP rand and mt_rand function weak security
ID: php-rand-mtrand-weak-security (45956) | Risk: Low
PHP could provide weaker than expected security. The rand() and mt_rand() functions do not produce cryptographically strong random numbers: their output is fully determined by a small seed, so an attacker who can guess or brute-force the seed can reproduce every value drawn from the generator. A remote attacker could exploit this weakness to predict security-relevant values that applications derive from these functions, such as password-reset tokens, and launch further attacks against affected applications.
Apply the appropriate patch for your system. See References. Note that patching PHP does not make rand() or mt_rand() suitable for generating secrets; applications that build password-reset tokens, session identifiers or similar values should draw them from a cryptographically secure source (for example the operating system's random device, which current PHP releases expose through random_bytes()) rather than from these functions.
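The following is an added example, not code from the advisory or from PHP, Joomla! or WordPress. It models the weakness described above in Python: a password-reset token drawn from a deterministic generator (Python's Mersenne Twister standing in for mt_rand()) seeded from the wall clock, and the attacker who triggers a reset for another account and brute-forces the seed window against the redeem endpoint. The service classes, user name, timestamp and token format are all constructed for the illustration; the hardened variant shows the same service drawing its token from the OS CSPRNG instead.

```python
import random
import secrets
import string

ALPHABET = string.ascii_letters + string.digits


def weak_token(seed, length=16):
    """Build a token from a deterministic PRNG (Python's Mersenne Twister)
    seeded with `seed`. This models a reset token assembled from
    mt_srand()/mt_rand() output: identical seed, identical token."""
    rng = random.Random(seed)
    return "".join(rng.choice(ALPHABET) for _ in range(length))


class ResetService:
    """Constructed model of a password-reset feature that seeds its PRNG
    from the wall clock (whole seconds) when the reset is requested."""

    def __init__(self):
        self._tokens = {}

    def request_reset(self, user, clock_seconds):
        # The token is "emailed" to the account owner; the requester
        # never sees it. The seed is the clock, which is the weakness.
        self._tokens[user] = weak_token(clock_seconds)

    def redeem(self, user, token):
        # The comparison itself is done safely; the problem is the seed,
        # not the compare.
        return secrets.compare_digest(self._tokens.get(user, ""), token)


class HardenedResetService(ResetService):
    """Same service, but the token comes from the OS CSPRNG and the
    clock argument is ignored."""

    def request_reset(self, user, clock_seconds):
        self._tokens[user] = secrets.token_urlsafe(24)


def brute_force_reset(service, user, guessed_seconds, window=60):
    """Attacker side: having triggered a reset for `user` at roughly
    `guessed_seconds`, enumerate every candidate seed in the window and
    try the token each one yields against the redeem endpoint.
    Returns (seed, token) on success, None otherwise."""
    for candidate in range(guessed_seconds - window, guessed_seconds + window + 1):
        token = weak_token(candidate)
        if service.redeem(user, token):
            return candidate, token
    return None


if __name__ == "__main__":
    reset_time = 1_221_120_042  # constructed: 2008-09-11 00:00:42 UTC
    attacker_guess = reset_time - 17  # attacker's clock is a little off

    weak = ResetService()
    weak.request_reset("admin", reset_time)
    print("weak service   :", brute_force_reset(weak, "admin", attacker_guess))

    hardened = HardenedResetService()
    hardened.request_reset("admin", reset_time)
    print("hardened service:", brute_force_reset(hardened, "admin", attacker_guess))
```

The weak service falls in at most a couple of hundred redeem attempts, because the attacker only has to cover the clock uncertainty, not the token space. Widening the seed to a full 32-bit value does not rescue the design: four billion candidates are still within reach of an offline search whenever the attacker can observe any output of the generator, so a real endpoint's rate limiting only slows the online variant. The fix is the one in the hardened class: take the token from a cryptographically secure source, so there is no seed to recover.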
References:
- Joomla! Web site: Joomla!.
- PHP Web site: PHP: Downloads.
- SektionEins Security Advisory, 2008/09/11: Joomla Weak Random Password Reset Token Vulnerability.
- Suspekt Blog Archive, August 17th, 2008: mt_srand and not so random numbers.
- BID-31115: WordPress Random Password Generation Insufficient Entropy Weakness.
- CVE-2008-4107: The (1) rand and (2) mt_rand functions in PHP 5.2.6 do not produce cryptographically strong random numbers, which allows attackers to leverage exposures in products that rely on these functions for security-relevant functionality, as demonstrated by the password-reset functionality in Joomla! 1.5.x and WordPress before 2.6.2, a different vulnerability than CVE-2008-2107, CVE-2008-2108, and CVE-2008-4102.
- OSVDB ID: 48022: WordPress Registration SQL Truncation Administrator Password Manipulation.
- OSVDB ID: 48700: WordPress mt_rand() Function RNG Weakness.
- SA31737: WordPress Insecure Password Generation Vulnerability.
- SECTRACK ID: 1020869: WordPress SQL Truncation and Password Generation Flaw Lets Remote Users Determine the Administrator's Password.
Affected platform: PHP 5.2.6
Sep 11, 2008
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@us.ibm.com
* According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an "industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.