CVE Vulnerabilities

CVE-2004-2761

Published: Jan 05, 2009 | Modified: Oct 19, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:N
RedHat/V2
4.3 MODERATE
AV:N/AC:M/Au:N/C:N/I:P/A:N
RedHat/V3
Ubuntu

The MD5 Message-Digest Algorithm is not collision resistant, which makes it easier for context-dependent attackers to conduct spoofing attacks, as demonstrated by attacks on the use of MD5 in the signature algorithm of an X.509 certificate.

Affected Software

Name Vendor Start Version End Version
Red Hat Certificate System 7.3 RedHat rhpki-ca-0:7.3.0-21.el4 *
Red Hat Certificate System 7.3 RedHat rhpki-common-0:7.3.0-41.el4 *
Red Hat Certificate System 7.3 RedHat rhpki-util-0:7.3.0-21.el4 *
Red Hat Certificate System 8 RedHat pki-ca-0:8.0.7-1.el5pki *
Red Hat Certificate System 8 RedHat pki-common-0:8.0.6-2.el5pki *
Red Hat Certificate System 8 RedHat pki-util-0:8.0.5-1.el5pki *
Firefox Ubuntu dapper *
Nss Ubuntu gutsy *
Nss Ubuntu hardy *
Nss Ubuntu intrepid *

References