Vulnerabilities > CVE-2016-1902 - Cryptographic Issues vulnerability in multiple products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
NONE Availability impact
NONE Summary
The nextBytes function in the SecureRandom class in Symfony before 2.3.37, 2.6.x before 2.6.13, and 2.7.x before 2.7.9 does not properly generate random numbers when used with PHP 5.x without the paragonie/random_compat library and the openssl_random_pseudo_bytes function fails, which makes it easier for attackers to defeat cryptographic protection mechanisms via unspecified vectors.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Signature Spoofing by Key Recreation An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
Nessus
NASL family | Debian Local Security Checks |
NASL id | DEBIAN_DSA-3588.NASL |
description | Two vulnerabilities were discovered in Symfony, a PHP framework. - CVE-2016-1902 Lander Brandt discovered that the class SecureRandom might generate weak random numbers for cryptographic use under certain settings. If the functions random_bytes() or openssl_random_pseudo_bytes() are not available, the output of SecureRandom should not be consider secure. - CVE-2016-4423 Marek Alaksa from Citadelo discovered that it is possible to fill up the session storage space by submitting inexistent large usernames. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 91365 |
published | 2016-05-31 |
reporter | This script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/91365 |
title | Debian DSA-3588-1 : symfony - security update |
References
- http://symfony.com/blog/cve-2016-1902-securerandom-s-fallback-not-secure-when-openssl-fails
- http://symfony.com/blog/cve-2016-1902-securerandom-s-fallback-not-secure-when-openssl-fails
- http://www.debian.org/security/2016/dsa-3588
- http://www.debian.org/security/2016/dsa-3588
- https://github.com/symfony/symfony/pull/17359
- https://github.com/symfony/symfony/pull/17359
- https://www.landaire.net/blog/cve-2016-1902-symfony-securerandom/
- https://www.landaire.net/blog/cve-2016-1902-symfony-securerandom/