Salvador Fandiño

**Name of the Vulnerable Software and Affected Versions** Authen::DigestMD5 versions 0.01 through 0.02 **Description** The `cnonce` (client nonce) is generated insecurely using an MD5 hash of the PID, the epoch time, and the built-in `rand` function. The PID originates from a limited set of numbers, and the epoch time may be predictable. The `rand` function is unsuitable for cryptographic purposes. RFC 2831 recommends that the `cnonce` contain at least 64 bits of entropy to avoid chosen plaintext attacks and provide mutual authentication. **Recommendations** Authen::DigestMD5 version 0.01: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Authen::DigestMD5 version 0.02: At the moment, there is no information about a newer version that contains a fix for this vulnerability.