CVE-2012-1581

MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2 uses weak random numbers for password reset tokens, which makes it easier for remote attackers to change the passwords of arbitrary users...

CVE-2011-4321

The password reset functionality in Joomla! 1.5.x through 1.5.24 uses weak random numbers, which makes it easier for remote attackers to change the passwords of arbitrary users via unspecified vectors...

Design/Logic Flaw

The password reset functionality in Joomla! 1.5.x through 1.5.24 uses weak random numbers, which makes it easier for remote attackers to change the passwords of arbitrary users via unspecified vectors...

CVE-2011-4321

The password reset functionality in Joomla! 1.5.x through 1.5.24 uses weak random numbers, which makes it easier for remote attackers to change the passwords of arbitrary users via unspecified vectors...

CVE-2011-4321

The CVE-2011-4321 issue affects Joomla! 1.5.x through 1.5.24, where the password reset function uses weak random numbers. This weakness can allow remote attackers to change the passwords of arbitrary users via unspecified vectors. The provided sources confirm the affected product range and the ro...

Advisory 02/2010: MyBB Password Reset Weak Random Numbers Vulnerability

SektionEins GmbH www.sektioneins.de -= Security Advisory =- Advisory: MyBB Password Reset Weak Random Numbers Vulnerability Release Date: 2010/04/13 Last Modified: 2010/04/13 Author: Stefan Esser stefan.esseratsektioneins.de Application: MyBB = 1.4.11 Severity: Usage of weak random number...

Google Chrome 6.0.472 - 'Math.Random()' Random Number Generation

source: https://www.securityfocus.com/bid/36185/info Google Chrome is prone to security vulnerability that may allow the application to generate weak random numbers. Successfully exploiting this issue may allow attackers to obtain sensitive information or gain unauthorized access. Chrome 3.0 Beta...

Advisory SE-2008-01: PunBB Blind Password Recovery Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SektionEins GmbH www.sektioneins.de -= Security Advisory =- Advisory: PunBB Blind Password Recovery Vulnerability Release Date: 2008/02/20 Last Modified: 2008/02/20 Author: Stefan Esser stefan.esseratsektioneins.de Application: PunBB = 1.2.16 Severity...

CVE-2007-2926

ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query id and perform DNS cache poisoning...

CVE-2000-0357

CVE-2000-0357 affects ORBit and esound on Red Hat Linux 6.1, where insufficiently random numbers in authentication keys allow local users to guess keys. The CVSS vector (AV:N/AC:L/Au:N/C:P/I:P/A:P) yields a base score of 7.5 (HIGH). The vulnerability impact covers partial confidentiality, integri...