source: https://www.securityfocus.com/bid/38430/info

PHP is prone to a security vulnerability that affects LCG (Linear Congruential) entropy.

Attackers can exploit this issue to steal sessions or other sensitive data.

Versions prior to PHP 5.2.13 are affected. 

https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/33677.tar.gz