FAQ
Edit report at http://pear.php.net/bugs/bug.php?id=14671&edit=1

ID: 14671
Updated by: cweiske@php.net
Reported By: cweiske at php dot net
Summary: Security issue due to seeding random number generator
-Status: Analyzed
+Status: Closed
Type: Bug
Package: Auth_SASL
Package Version: 1.0.2
PHP Version: Irrelevant
-Assigned To:
+Assigned To: cweiske
Roadmap Versions:
New Comment:

-Status: Analyzed
+Status: Closed
-Assigned To:
+Assigned To: cweiske
Thank you for your bug report. This issue has been fixed
in the latest released version of the package, which you can download
at
http://pear.php.net/get/

in 1.0.3


Previous Comments:
------------------------------------------------------------------------

[2008-09-21 11:40:17] cweiske

Description:
------------
The package lowers the security of randomly generated numbers by
seeding the random number generator by itself. Please remove the
[mt_]srand() call from the code.

For more information, read:
http://www.nabble.com/Re%3A-Random-number-generation-security-problem-p19595503.html
http://news.php.net/php.pear.dev/50791
http://www.suspekt.org/2008/08/17/mt_srand-and-not-so-random-numbers/

------------------------------------------------------------------------

Search Discussions

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
grouppear-bugs @
categoriesphp
postedAug 6, '09 at 7:40a
activeAug 6, '09 at 7:40a
posts1
users1
websitepear.php.net

1 user in discussion

Cweiske: 1 post

People

Translate

site design / logo © 2021 Grokbase