Expect mkpasswd Biased Random Number Generation Vulnerability

The 'mkpasswd' password generation script that ships with Expect contains a biased random number generation bug.

The script uses its own random number generator and seeds it with a process ID. As a result, only a small set of possible passwords is generated.
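The effect of a process-ID seed on the password space can be measured directly. The following is an added example, not the mkpasswd script or its generator: it uses Python's `random.Random` as a stand-in for a PID-seeded generator and compares it with a CSPRNG-based replacement. The 9-character length, the 62-symbol alphabet and the PID range of 32768 are assumptions chosen for illustration.

```python
import math
import random
import secrets
import string

# All three constants are assumptions for this illustration.
ALPHABET = string.ascii_letters + string.digits   # 62 symbols
LENGTH = 9                                        # assumed password length
PID_MAX = 32768                                   # assumed size of the PID range


def weak_password(pid: int) -> str:
    """Stand-in for the flawed pattern: the PID is the generator's only seed."""
    rng = random.Random(pid)          # deterministic: same PID -> same password
    return "".join(rng.choice(ALPHABET) for _ in range(LENGTH))


def strong_password() -> str:
    """Corrected pattern: every character comes from the OS CSPRNG."""
    return "".join(secrets.choice(ALPHABET) for _ in range(LENGTH))


def nominal_bits() -> float:
    """Entropy the format would carry if each character were uniform."""
    return LENGTH * math.log2(len(ALPHABET))


def effective_bits(pid_max: int = PID_MAX) -> float:
    """Upper bound on the weak scheme's entropy: log2(distinct outputs).

    The output is a pure function of the seed, so there can never be
    more distinct passwords than there are seeds.
    """
    distinct = {weak_password(pid) for pid in range(1, pid_max + 1)}
    return math.log2(len(distinct))


if __name__ == "__main__":
    print(f"nominal:   {nominal_bits():.1f} bits")
    print(f"effective: {effective_bits():.1f} bits ({PID_MAX} possible seeds)")
    print(f"CSPRNG sample: {strong_password()}")
```

Whatever the password length or alphabet, the effective entropy of the PID-seeded variant cannot exceed log2 of the number of possible seeds.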


 

Copyright 2010, SecurityFocus