View Single Post
  #1   (View Single Post)  
Old 30th March 2010
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 3,567
Default PHP blunders with random numbers

From http://www.h-online.com/security/new...rs-967525.html

Quote:
Security expert Andreas Bogk warns that, despite recent PHP improvements, the session IDs of users who are logged into PHP applications remain guessable. Upon close examination, the alleged improvements display frightening weaknesses.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote