Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2008-4125

Опубликовано: 18 сент. 2008
Источник: debian
EPSS Низкий

Описание

The search function in phpBB 2.x provides a search_id value that leaks the state of PHP's PRNG, which allows remote attackers to obtain potentially sensitive information, as demonstrated by a cross-application attack against WordPress, a different vulnerability than CVE-2006-0632.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
phpbb2fixed2.0.23+repack-3package
phpbb2no-dsaetchpackage
phpbb3not-affectedpackage

Примечания

  • this is actually a bug in the seeding by PHP, not phpBB per se, but

  • fixing it nonetheless as a workaround.

EPSS

Процентиль: 45%
0.00221
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2008-4125

ubuntu
больше 17 лет назад

The search function in phpBB 2.x provides a search_id value that leaks the state of PHP's PRNG, which allows remote attackers to obtain potentially sensitive information, as demonstrated by a cross-application attack against WordPress, a different vulnerability than CVE-2006-0632.

nvd логотип

CVE-2008-4125

nvd
больше 17 лет назад

The search function in phpBB 2.x provides a search_id value that leaks the state of PHP's PRNG, which allows remote attackers to obtain potentially sensitive information, as demonstrated by a cross-application attack against WordPress, a different vulnerability than CVE-2006-0632.

github логотип

GHSA-hp9f-9w77-qm8f

github
почти 4 года назад

The search function in phpBB 2.x provides a search_id value that leaks the state of PHP's PRNG, which allows remote attackers to obtain potentially sensitive information, as demonstrated by a cross-application attack against WordPress, a different vulnerability than CVE-2006-0632.

EPSS

Процентиль: 45%
0.00221
Низкий