Comment 0 for bug 791166

David (d--) wrote :

Binary package hint: cherokee

cherokee seeds srand with local-user-known inputs (the ~time and the pid of the admin process) and then uses rand() to generate a random password.
This is not safe. An evil local user can guess the generated password within < ~200 attempts.

Vulnerable code:

/* Headers the snippet needs (ret_t, cuint_t, cherokee_buffer_t, PASSWORD_LEN
   and ALPHA_NUM come from Cherokee's own sources). */
#include <stdlib.h>   /* srand, rand */
#include <time.h>     /* time */
#include <unistd.h>   /* getpid */

static ret_t
generate_admin_password (cherokee_buffer_t *buf)
{
        cuint_t i;
        cuint_t n;

        /* Seed derived from the PID and the current time: both are
           observable by any local user, so the seed space is tiny. */
        srand(getpid()*time(NULL));

        for (i=0; i<PASSWORD_LEN; i++) {
                /* rand() is a deterministic PRNG, so the whole password
                   is a function of that seed. */
                n = rand()%(sizeof(ALPHA_NUM)-1);
                cherokee_buffer_add_char (buf, ALPHA_NUM[n]);
        }

        return ret_ok;
}
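To make the weakness concrete and show the fix, here is an added example (not Cherokee's code and not part of the report): a seed-parameterised copy of the same rand()-based scheme, which demonstrates that equal seeds yield identical passwords, beside a replacement that draws bytes from the kernel CSPRNG via /dev/urandom and uses rejection sampling to avoid the modulo bias of `byte % 62`. The names weak_password, secure_password, password_is_well_formed, the 16-character PASSWORD_LEN and the 62-symbol ALPHA_NUM are assumptions made for this example.

```c
/* Added example, not Cherokee's code. Assumed names: PASSWORD_LEN, ALPHA_NUM,
 * weak_password, secure_password, password_is_well_formed. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define PASSWORD_LEN 16
static const char ALPHA_NUM[] =
    "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
#define ALPHA_LEN (sizeof(ALPHA_NUM) - 1)   /* 62 symbols */

/* The scheme from the report with the seed made explicit: after srand(seed),
 * rand() is deterministic, so the password depends only on the seed, and in
 * Cherokee that seed is built from values a local user can observe. */
void weak_password(unsigned seed, char out[PASSWORD_LEN + 1])
{
    srand(seed);
    for (size_t i = 0; i < PASSWORD_LEN; i++)
        out[i] = ALPHA_NUM[rand() % ALPHA_LEN];
    out[PASSWORD_LEN] = '\0';
}

/* Hardened replacement: bytes come from the kernel CSPRNG (/dev/urandom;
 * getrandom(2) would serve equally well). Rejection sampling keeps every
 * symbol equally likely. Returns 0 on success, -1 on failure. */
int secure_password(char out[PASSWORD_LEN + 1])
{
    FILE *f = fopen("/dev/urandom", "rb");
    if (!f) return -1;
    /* Largest multiple of ALPHA_LEN that fits in a byte: 248 = 4 * 62. */
    const unsigned limit = 256 - (256 % ALPHA_LEN);
    size_t i = 0;
    while (i < PASSWORD_LEN) {
        unsigned char b;
        if (fread(&b, 1, 1, f) != 1) { fclose(f); return -1; }
        if (b >= limit) continue;   /* reject bytes that would bias the draw */
        out[i++] = ALPHA_NUM[b % ALPHA_LEN];
    }
    fclose(f);
    out[PASSWORD_LEN] = '\0';
    return 0;
}

/* Sanity check: correct length and every character drawn from ALPHA_NUM. */
int password_is_well_formed(const char *pw)
{
    return strlen(pw) == PASSWORD_LEN && strspn(pw, ALPHA_NUM) == PASSWORD_LEN;
}

int main(void)
{
    char a[PASSWORD_LEN + 1], b[PASSWORD_LEN + 1], s[PASSWORD_LEN + 1];
    weak_password(123456u, a);
    weak_password(123456u, b);
    printf("weak scheme, same seed twice: %s %s (%s)\n", a, b,
           strcmp(a, b) == 0 ? "identical" : "different");
    if (secure_password(s) == 0)
        printf("CSPRNG-backed password: %s\n", s);
    return 0;
}
```

The weak generator is reproducible by design, which is exactly the property a password generator must not have; the secure one has no seed at all, so two calls on the same machine at the same instant still give independent results.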