Description
The generate_admin_password function in Cherokee before 1.2.99 uses time and PID values for seeding of a random number generator, which makes it easier for local users to determine admin passwords via a brute-force attack.
Remediation
References
Related Vulnerabilities
Oracle Database Server Other Vulnerability (CVE-2007-3859)
Oracle Database Server CVE-2012-0552 Vulnerability (CVE-2012-0552)
WordPress Plugin Woocommerce Aliexpress Dropshipping Lite PHP Object Injection (1.0.1)
WordPress Plugin Modern Events Calendar Lite Multiple Vulnerabilities (5.16.2)
WordPress Plugin Facebook for WooCommerce Cross-Site Request Forgery (1.9.14)