National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

CVE-2004-2761 Detail

Current Description

The MD5 Message-Digest Algorithm is not collision resistant, which makes it easier for context-dependent attackers to conduct spoofing attacks, as demonstrated by attacks on the use of MD5 in the signature algorithm of an X.509 certificate.

Source:  MITRE      Last Modified:  01/05/2009      View Analysis Description

Quick Info

CVE Dictionary Entry:
CVE-2004-2761
Original release date:
01/05/2009
Last revised:
02/01/2017
Source:
US-CERT/NIST

Impact

CVSS Severity (version 2.0):
CVSS v2 Base Score:
5.0 MEDIUM
Vector:
(AV:N/AC:L/Au:N/C:N/I:P/A:N) (legend)
Impact Subscore:
2.9
Exploitability Subscore:
10.0
CVSS Version 2 Metrics:
Access Vector:
Network exploitable
Access Complexity:
Low
Authentication:
Not required to exploit
Impact Type:
Allows unauthorized modification

Evaluator Impact

There are four significant mitigating factors. 1) Most enterprise-class certificates, such as VeriSign’s Extended Validation SSL Certificates use the still secure SHA-1 hash function. 2) Certificates already issued with MD5 signatures are not at risk. The exploit only affects new certificate acquisitions. 3) CAs are quickly moving to replace MD5 with SHA-1. For example, VeriSign was planning to phase out MD5 by the end of January 2009. The date was pushed up due to the December proof of concept. On December 31, 2008, RapidSSL certificates shipped with SHA-1 digital signatures. 4)The researchers did not release the under-the-hood specifics of how the exploit was executed. Source - http://www.techrepublic.com/blog/it-security/the-new-md5-ssl-exploit-is-not-the-end-of-civilization-as-we-know-it/?tag=nl.e036

Vendor Statements (disclaimer)

Official Statement from Red Hat (01/07/2009)

Please see http://kbase.redhat.com/faq/docs/DOC-15379

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Hyperlink Resource Type Source Name
http://blog.mozilla.com/security/2008/12/30/md5-weaknesses-could-lead-to-certificate-forgery/ External Source MISC http://blog.mozilla.com/security/2008/12/30/md5-weaknesses-could-lead-to-certificate-forgery/
http://blogs.technet.com/swi/archive/2008/12/30/information-regarding-md5-collisions-problem.aspx External Source MISC http://blogs.technet.com/swi/archive/2008/12/30/information-regarding-md5-collisions-problem.aspx
http://securityreason.com/securityalert/4866 External Source SREASON 4866
http://securitytracker.com/id?1024697 External Source SECTRACK 1024697
http://www.cisco.com/en/US/products/products_security_response09186a0080a5d24a.html External Source CISCO 20090115 MD5 Hashes May Allow for Certificate Spoofing
http://www.doxpara.com/research/md5/md5_someday.pdf External Source MISC http://www.doxpara.com/research/md5/md5_someday.pdf
http://www.kb.cert.org/vuls/id/836068 Third Party Advisory; US Government Resource External Source CERT-VN VU#836068
http://www.microsoft.com/technet/security/advisory/961509.mspx Mitigation; Patch; Vendor Advisory External Source MISC http://www.microsoft.com/technet/security/advisory/961509.mspx
http://www.phreedom.org/research/rogue-ca/ External Source MISC http://www.phreedom.org/research/rogue-ca/
http://www.securityfocus.com/archive/1/archive/1/499685/100/0/threaded External Source BUGTRAQ 20081230 MD5 Considered Harmful Today: Creating a rogue CA certificate
http://www.securityfocus.com/bid/33065 External Source BID 33065
http://www.ubuntu.com/usn/usn-740-1 External Source UBUNTU USN-740-1
http://www.win.tue.nl/hashclash/rogue-ca/ External Source MISC http://www.win.tue.nl/hashclash/rogue-ca/
http://www.win.tue.nl/hashclash/SoftIntCodeSign/ External Source MISC http://www.win.tue.nl/hashclash/SoftIntCodeSign/
https://blogs.verisign.com/ssl-blog/2008/12/on_md5_vulnerabilities_and_mit.php External Source MISC https://blogs.verisign.com/ssl-blog/2008/12/on_md5_vulnerabilities_and_mit.php
https://bugzilla.redhat.com/show_bug.cgi?id=648886 Issue Tracking External Source CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=648886
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289935 External Source CONFIRM https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289935
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05336888 External Source CONFIRM https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05336888
https://rhn.redhat.com/errata/RHSA-2010-0837.html External Source REDHAT RHSA-2010:0837
https://rhn.redhat.com/errata/RHSA-2010-0838.html External Source REDHAT RHSA-2010:0838
https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00096.html External Source FEDORA FEDORA-2009-1276

Technical Details

Vulnerability Type (View All)

Change History 5 change records found - show changes