phpBB gen_rand_string() Predictable RNG Weakness

2006-02-05T08:17:51
ID OSVDB:22949
Type osvdb
Reporter chinchilla(chinchilla@gmail.com)
Modified 2006-02-05T08:17:51

Description

Vulnerability Description

phpBB contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is caused by a poor seeding of the pseudorandom number generator when handling forgotten password requests. This flaw may lead to a loss of confidentiality or integrity.

Technical Description

Such an attack may require up to 1,000,000 password recovery attempts.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

phpBB contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is caused by a poor seeding of the pseudorandom number generator when handling forgotten password requests. This flaw may lead to a loss of confidentiality or integrity.

References:

Secunia Advisory ID:18727 Other Advisory URL: http://www.r-security.net/tutorials/view/readtutorial.php?id=4 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-02/0067.html ISS X-Force ID: 24573 FrSIRT Advisory: ADV-2006-0461 CVE-2006-0632