PHP <= 5.3.1 - LCG Entropy Security Vulnerability

ID EDB-ID:33677
Type exploitdb
Reporter Rasmus
Modified 2010-02-26T00:00:00


PHP 5.3.1 LCG Entropy Security Vulnerability. CVE-2010-1128. Dos exploit for php platform


PHP is prone to a security vulnerability that affects LCG (Linear Congruential) entropy.

Attackers can exploit this issue to steal sessions or other sensitive data.

Versions prior to PHP 5.2.13 are affected.