[Tickets #7447] Audit for innappropriate use of mt_rand
bugs at horde.org
bugs at horde.org
Tue Oct 7 20:06:34 UTC 2008
DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.
Ticket URL: http://bugs.horde.org/ticket/7447
------------------------------------------------------------------------------
Ticket | 7447
Created By | Chuck Hagenbuch <chuck at horde.org>
Summary | Audit for innappropriate use of mt_rand
Queue | Horde Base
Version | HEAD
Type | Bug
State | Assigned
Priority | 2. Medium
Milestone |
Patch |
Owners | Horde Developers, Chuck Hagenbuch
------------------------------------------------------------------------------
Chuck Hagenbuch <chuck at horde.org> (2008-10-07 16:06) wrote:
Shouldn't use mt_rand on its own to generate a key for a password
reset or a new password or anything else that could be exploited:
http://www.suspekt.org/2008/08/17/mt_srand-and-not-so-random-numbers/
More information about the bugs
mailing list