CVE-2010-1128 - OpenCVE

The Linear Congruential Generator (LCG) in PHP before 5.2.13 does not provide the expected entropy, which makes it easier for context-dependent attackers to guess values that were intended to be unpredictable, as demonstrated by session cookies generated by using the uniqid function.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Php	Php

Configuration 1 [-]

OR	cpe:2.3:a:php:php::::::::
	cpe:2.3:a:php:php:5.2.0:::::::*
	cpe:2.3:a:php:php:5.2.1:::::::*
	cpe:2.3:a:php:php:5.2.2:::::::*
	cpe:2.3:a:php:php:5.2.3:::::::*
	cpe:2.3:a:php:php:5.2.4:::::::*
	cpe:2.3:a:php:php:5.2.5:::::::*
	cpe:2.3:a:php:php:5.2.6:::::::*
	cpe:2.3:a:php:php:5.2.7:::::::*
	cpe:2.3:a:php:php:5.2.8:::::::*
	cpe:2.3:a:php:php:5.2.9:::::::*
	cpe:2.3:a:php:php:5.2.10:::::::*
	cpe:2.3:a:php:php:5.2.11:::::::*

References

Link	Resource
http://secunia.com/advisories/38708	Vendor Advisory
http://secunia.com/advisories/42410
http://www.php.net/ChangeLog-5.php
http://www.php.net/releases/5_2_13.php	Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2010-0919.html
http://www.securityfocus.com/bid/38430	Exploit
http://www.vupen.com/english/advisories/2010/0479	Patch Vendor Advisory
http://www.vupen.com/english/advisories/2010/3081

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2010-03-26T20:00:00

Updated: 2010-12-07T10:00:00

Reserved: 2010-03-26T00:00:00

Link: CVE-2010-1128

JSON object: View

NVD Information

Status : Modified

Published: 2010-03-26T20:30:00.877

Modified: 2010-12-10T06:39:13.887

Link: CVE-2010-1128

JSON object: View

Redhat Information

No data.

CWE

CWE-310

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2010-02-25T00:00:00", "descriptions": [{"lang": "en", "value": "The Linear Congruential Generator (LCG) in PHP before 5.2.13 does not provide the expected entropy, which makes it easier for context-dependent attackers to guess values that were intended to be unpredictable, as demonstrated by session cookies generated by using the uniqid function."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2010-12-07T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "ADV-2010-0479", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2010/0479"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.php.net/releases/5_2_13.php"}, {"name": "RHSA-2010:0919", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2010-0919.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.php.net/ChangeLog-5.php"}, {"name": "38708", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/38708"}, {"name": "38430", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/38430"}, {"name": "42410", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/42410"}, {"name": "ADV-2010-3081", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2010/3081"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2010-1128", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Linear Congruential Generator (LCG) in PHP before 5.2.13 does not provide the expected entropy, which makes it easier for context-dependent attackers to guess values that were intended to be unpredictable, as demonstrated by session cookies generated by using the uniqid function."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "ADV-2010-0479", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/0479"}, {"name": "http://www.php.net/releases/5_2_13.php", "refsource": "CONFIRM", "url": "http://www.php.net/releases/5_2_13.php"}, {"name": "RHSA-2010:0919", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2010-0919.html"}, {"name": "http://www.php.net/ChangeLog-5.php", "refsource": "CONFIRM", "url": "http://www.php.net/ChangeLog-5.php"}, {"name": "38708", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/38708"}, {"name": "38430", "refsource": "BID", "url": "http://www.securityfocus.com/bid/38430"}, {"name": "42410", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/42410"}, {"name": "ADV-2010-3081", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/3081"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2010-1128", "datePublished": "2010-03-26T20:00:00", "dateReserved": "2010-03-26T00:00:00", "dateUpdated": "2010-12-07T10:00:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "matchCriteriaId": "438EC66E-3D70-4780-AC53-22F850818612", "versionEndIncluding": "5.2.12", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "CD02D837-FD28-4E0F-93F8-25E8D1C84A99", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "88358D1E-BE6F-4CE3-A522-83D1FA4739E3", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "D8B97B03-7DA7-4A5F-89B4-E78CAB20DE17", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "86767200-6C9C-4C3E-B111-0E5BE61E197B", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "B00B416D-FF23-4C76-8751-26D305F0FA0F", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "CCB6CDDD-70D3-4004-BCE0-8C4723076103", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "A782CA26-9C38-40A8-92AE-D47B14D2FCE3", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "1C0E7E2A-4770-4B68-B74C-5F5A6E1876DC", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "0892C89E-9389-4452-B7E0-981A763CD426", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.2.9:*:*:*:*:*:*:*", "matchCriteriaId": "635F3CB1-B042-43CC-91AB-746098018D8C", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.2.10:*:*:*:*:*:*:*", "matchCriteriaId": "E1F32DDF-17A3-45B5-9227-833EBEBD3923", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.2.11:*:*:*:*:*:*:*", "matchCriteriaId": "2CDFB7E9-8510-430F-BFBC-FD811D60DC78", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The Linear Congruential Generator (LCG) in PHP before 5.2.13 does not provide the expected entropy, which makes it easier for context-dependent attackers to guess values that were intended to be unpredictable, as demonstrated by session cookies generated by using the uniqid function."}, {"lang": "es", "value": "El Linear Congruential Generator (LCG) en PHP anteriores a v5.2.13 no provee la entrop\u00eda esperada, lo que hace m\u00e1s f\u00e1cil para atacantes dependiendo del contexto adivinar valores que deber\u00edan ser impredecibles, como se demostr\u00f3 con cookies de sesi\u00f3n generadas utilizando la funci\u00f3n uniqid."}], "id": "CVE-2010-1128", "lastModified": "2010-12-10T06:39:13.887", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2010-03-26T20:30:00.877", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/38708"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/42410"}, {"source": "cve@mitre.org", "url": "http://www.php.net/ChangeLog-5.php"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.php.net/releases/5_2_13.php"}, {"source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2010-0919.html"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/38430"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2010/0479"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2010/3081"}], "sourceIdentifier": "cve@mitre.org", "vendorComments": [{"comment": "Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/show_bug.cgi?id=577582\n\nThe Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here: http://www.redhat.com/security/updates/classification/", "lastModified": "2010-04-14T00:00:00", "organization": "Red Hat"}], "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-310"}], "source": "nvd@nist.gov", "type": "Primary"}]}