PHP mcrypt_create_iv Function php_rand_r IV Generation Weakness

2007-05-10T00:00:00
ID OSVDB:36087
Type osvdb
Reporter OSVDB
Modified 2007-05-10T00:00:00

Description

No description provided by the source

References:

Vendor URL: http://www.php.net/ Vendor Specific News/Changelog Entry: http://bugs.php.net/bug.php?id=40999 Vendor Specific News/Changelog Entry: http://www.php.net/ChangeLog-5.php Vendor Specific News/Changelog Entry: http://cvs.php.net/viewvc.cgi/php-src/ext/mcrypt/mcrypt.c?r1=1.91.2.3.2.9&r2=1.91.2.3.2.10 Secunia Advisory ID:22588 Secunia Advisory ID:26895 Other Solution URL: http://www.fortheloot.com/public/mcrypt.patch Other Advisory URL: http://blog.php-security.org/archives/80-Watching-the-PHP-CVS.html Other Advisory URL: http://lists.opensuse.org/opensuse-security-announce/2007-08/msg00003.html Other Advisory URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:187 CVE-2007-2727 Bugtraq ID: 23984