|
|
Util-Linux mcookie Cookie Generation Weakness
A weakness has been reported for the mcookie utility where cookies may be generated in a predictable manner. The weakness occurs because mcookie uses /dev/urandom to generate cookies. This may be exploited by an attacker to guess cookie values to steal credentials of users who use X authentication. |
|
Privacy Statement |