National Vulnerability Database

National Vulnerability Database

National Vulnerability

CVE-2004-2761 Detail

Current Description

The MD5 Message-Digest Algorithm is not collision resistant, which makes it easier for context-dependent attackers to conduct spoofing attacks, as demonstrated by attacks on the use of MD5 in the signature algorithm of an X.509 certificate.

Source:  MITRE      Last Modified:  01/05/2009      View Analysis Description

Quick Info

CVE Dictionary Entry:
Original release date:
Last revised:


CVSS Severity (version 2.0):
CVSS v2 Base Score:
(AV:N/AC:L/Au:N/C:N/I:P/A:N) (legend)
Impact Subscore:
Exploitability Subscore:
CVSS Version 2 Metrics:
Access Vector:
Network exploitable
Access Complexity:
Not required to exploit
Impact Type:
Allows unauthorized modification

Evaluator Impact

There are four significant mitigating factors. 1) Most enterprise-class certificates, such as VeriSign’s Extended Validation SSL Certificates use the still secure SHA-1 hash function. 2) Certificates already issued with MD5 signatures are not at risk. The exploit only affects new certificate acquisitions. 3) CAs are quickly moving to replace MD5 with SHA-1. For example, VeriSign was planning to phase out MD5 by the end of January 2009. The date was pushed up due to the December proof of concept. On December 31, 2008, RapidSSL certificates shipped with SHA-1 digital signatures. 4)The researchers did not release the under-the-hood specifics of how the exploit was executed. Source -

Vendor Statements (disclaimer)

Official Statement from Red Hat (01/07/2009)

Please see

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to

Hyperlink Resource Type Source Name External Source MISC External Source MISC External Source SREASON 4866 External Source SECTRACK 1024697 External Source CISCO 20090115 MD5 Hashes May Allow for Certificate Spoofing External Source MISC Third Party Advisory; US Government Resource External Source CERT-VN VU#836068 Mitigation; Patch; Vendor Advisory External Source MISC External Source MISC External Source BUGTRAQ 20081230 MD5 Considered Harmful Today: Creating a rogue CA certificate External Source BID 33065 External Source UBUNTU USN-740-1 External Source MISC External Source MISC External Source MISC Issue Tracking External Source CONFIRM External Source CONFIRM External Source CONFIRM External Source REDHAT RHSA-2010:0837 External Source REDHAT RHSA-2010:0838 External Source FEDORA FEDORA-2009-1276

Technical Details

Vulnerability Type (View All)

Change History 5 change records found - show changes