ID CVE-2004-2761
Summary The MD5 Message-Digest Algorithm is not collision resistant, which makes it easier for context-dependent attackers to conduct spoofing attacks, as demonstrated by attacks on the use of MD5 in the signature algorithm of an X.509 certificate. There are four significant mitigating factors:
  1) Most enterprise-class certificates, such as VeriSign’s Extended Validation SSL Certificates, use the still secure SHA-1 hash function.
  2) Certificates already issued with MD5 signatures are not at risk. The exploit only affects new certificate acquisitions.
  3) CAs are quickly moving to replace MD5 with SHA-1. For example, VeriSign was planning to phase out MD5 by the end of January 2009. The date was pushed up due to the December proof of concept. On December 31, 2008, RapidSSL certificates shipped with SHA-1 digital signatures.
  4) The researchers did not release the under-the-hood specifics of how the exploit was executed.
Source - http://www.techrepublic.com/blog/it-security/the-new-md5-ssl-exploit-is-not-the-end-of-civilization-as-we-know-it/?tag=nl.e036
References
Vulnerable Configurations
  • cpe:2.3:a:ietf:md5:-:*:*:*:*:*:*:*
  • cpe:2.3:a:ietf:x.509_certificate:-:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 19-10-2018 - 15:30)
Impact:
Exploitability:
CWE CWE-310
CAPEC
  • Signature Spoofing by Key Recreation
    An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
Access
Vector: NETWORK
Complexity: LOW
Authentication: NONE
Impact
Confidentiality: NONE
Integrity: PARTIAL
Availability: NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:P/A:N
redhat via4
advisories
  • rhsa
    id RHSA-2010:0837
  • rhsa
    id RHSA-2010:0838
rpms
  • rhpki-ca-0:7.3.0-21.el4
  • rhpki-common-0:7.3.0-41.el4
  • rhpki-util-0:7.3.0-21.el4
  • pki-ca-0:8.0.7-1.el5pki
  • pki-common-0:8.0.6-2.el5pki
  • pki-common-javadoc-0:8.0.6-2.el5pki
  • pki-util-0:8.0.5-1.el5pki
  • pki-util-javadoc-0:8.0.5-1.el5pki
refmap via4
bid 33065
bugtraq 20081230 MD5 Considered Harmful Today: Creating a rogue CA certificate
cert-vn VU#836068
cisco 20090115 MD5 Hashes May Allow for Certificate Spoofing
confirm
fedora FEDORA-2009-1276
misc
sectrack 1024697
secunia
  • 33826
  • 34281
  • 42181
sreason 4866
ubuntu USN-740-1
statements via4
contributor Mark J Cox
lastmodified 2009-01-07
organization Red Hat
statement Please see http://kbase.redhat.com/faq/docs/DOC-15379
Last major update 19-10-2018 - 15:30
Published 05-01-2009 - 20:30
Last modified 19-10-2018 - 15:30