PHP <= 5.3.1 - LCG Entropy Security Vulnerability

2010-02-26T00:00:00
ID EDB-ID:33677
Type exploitdb
Reporter Rasmus
Modified 2010-02-26T00:00:00

Description

PHP 5.3.1 LCG Entropy Security Vulnerability. CVE-2010-1128. Dos exploit for php platform

                                        
                                            source: http://www.securityfocus.com/bid/38430/info

PHP is prone to a security vulnerability that affects LCG (Linear Congruential) entropy.

Attackers can exploit this issue to steal sessions or other sensitive data.

Versions prior to PHP 5.2.13 are affected. 

https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/33677.tar.gz