News Feed
Jobs Feed
Sections




News Archive
php|architect:
Possible vulnerabilities found in PHP session IDs
by Chris Cornutt April 12, 2010 @ 08:29:00

Beth Tucker Long has posted a new warning about a possible issue with session IDs in PHP dealing with weak random numbers being generated by the language when making the IDs.

Seclists.org has posted an advisory titled "Weak RNG in PHP session ID generation leads to session hijacking." RNG stands for Random Number Generation, and the advisory is warning that not enough entropy is being used to seed the RNG; this, in turn, can lead to a reduced number of possible session IDs under certain specific conditions, thus making brute force session spoofing easier, if not bringing it into the realm of feasibility.

The threat is only marked at a "medium" level of severity, but it could still cause problems if you're not careful. There are specific conditions that have to be in place for it to be a problem including using the standard PHP session generation and that the app shares the information about remote users. To protect yourself you can either install Suhosin and don't use the result of set an external source for entropy to help randomize the session ID even more.

0 comments voice your opinion now!
sessionid vulnerability rng random number entropy


blog comments powered by Disqus

Similar Posts

Davey Shafik\'s Blog: Zend Framework and Flickr

Lorenzo Alberton's Blog: PEAR::Pager Tutorials

Script-Tutorials.com: Protection and Methodologies of Security Vulnerabilities in Web Development

Jonathan Street's Blog: Random thoughts on random strings

Secunia.com: Mambo Unspecified Bypass Vulnerabilities


 Community Events









Don't see your event here?
Let us know!

code development podcast example object release language unittest phpunit tool database introduction api zendframework2 testing community composer opinion interview framework

All content copyright, 2013 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework