5 matches found
SUSE CVE-2008-2107
The GENERATESEED macro in PHP 4.x before 4.4.8 and 5.x before 5.2.5, when running on 32-bit systems, performs a multiplication using values that can produce a zero seed in rare circumstances, which allows context-dependent attackers to predict subsequent values of the rand and mtrand functions an...
Simple Machines Forum <= 1.1.5 Admin Reset Password Exploit (win32)
No description provided by source. ?php echo ---------------------------------------------------------------\n; echo SMF = 1.1.5 Admin Reset Password Exploit win32-based servers\n; echo coded by Raz0r http://Raz0r.name/\n; echo ---------------------------------------------------------------\n; if...
JDK: Vulnerability in the IBMSecureRandom implementation of the IBMJCE and IBMSecureRandom cryptographic providers
The IBMSecureRandom component in the IBMJCE and IBMSecureRandom cryptographic providers in IBM SDK Java Technology Edition 5.0 before Service Refresh 16 FP6, 6 before Service Refresh 16, 6.0.1 before Service Refresh 8, 7 before Service Refresh 7, and 7R1 before Service Refresh 1 makes it easier f...
CVE-2011-2686
Ruby before 1.8.7-p352 does not reset the random seed upon forking, which makes it easier for context-dependent attackers to predict the values of random numbers by leveraging knowledge of the number sequence obtained in a different child process, a related issue to CVE-2003-0900. NOTE: this issu...
Simple Machines Forum Validation Code Prediction Arbitrary Password Reset
The remote host is running Simple Machines Forum SMF, an open source web forum application written in PHP. The version of Simple Machines Forum installed on the remote host generates validation codes for its password reset functionality with 'rand', which on Windows platforms has a maximum value ...