Executive Summary
Summary | |
---|---|
Title | MD5 vulnerable to collision attacks |
Information | |||
---|---|---|---|
Name | VU#836068 | First vendor Publication | 2008-12-31 |
Vendor | VU-CERT | Last vendor Modification | 2009-01-21 |
Severity (Vendor) | N/A | Revision | M |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
Impact Sub Score | NA | Temporal Score | NA |
Exploitability Sub Score | NA | ||
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:P/A:N) | |||
---|---|---|---|
Cvss Base Score | 5 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Exploit Score | 10 | Authentication | None Required |
Detail
Vulnerability Note VU#836068
MD5 vulnerable to collision attacks
Overview
Weaknesses in the MD5 algorithm allow for collisions in output. As a result, attackers can generate cryptographic tokens or other data that illegitimately appear to be authentic.
I. Description
A secure cryptographic hash algorithm is one that generates a unique identifier of a fixed size (known as a "digest" or simply "hash") for a block of data of arbitrary size. The MD5 algorithm is a standard, widely used example of such an algorithm and is defined in IETF RFC 1321. One of the requirements of a secure cryptographic hash algorithm is that it be extremely unlikely for two different inputs to the algorithm to generate the same digest. This property is generally referred to as collision resistance, and cases where an algorithm generates the same digest for two different blocks of data are known as collisions.
Cryptanalytic research published in 1996 described a weakness in the MD5 algorithm that could result in collision attacks, at least in principle. Further research published in 2004 demonstrated the practical ability for an attacker to generate collisions, and in 2005 the ability for an attacker to generate colliding X.509 certificates was demonstrated. In 2008, researchers demonstrated the practical vulnerability of Public Key Infrastructures (PKI) to such attacks, including the construction of an SSL certificate that allows an attacker to impersonate a trusted root Certificate Authority (CA). Most operating systems bundle a collection of trusted CA certificates, including some that use the MD5 signing algorithm, providing obvious targets for attackers to spoof.
Do not use the MD5 algorithm
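As an added example (it is not part of the CERT note or of this Security-Database record), the following Python script performs the defender-side check that the Nessus and OpenVAS plugins listed below apply to a certificate chain: decode each certificate's DER-encoded signature-algorithm OBJECT IDENTIFIER and flag any that names MD5 as the digest. The OID values are the standard PKCS#1 identifiers; the DER byte strings, the sample chain, its labels and the helper names are constructed for this example.

```python
# Constructed DER-encoded OBJECT IDENTIFIERs for common X.509 signature
# algorithms. The dotted OID values are the standard PKCS#1 identifiers; the
# byte strings here were hand-encoded for this example, not taken from any
# real certificate.
MD5_WITH_RSA_DER = bytes.fromhex("06092a864886f70d010104")     # 1.2.840.113549.1.1.4
SHA1_WITH_RSA_DER = bytes.fromhex("06092a864886f70d010105")    # 1.2.840.113549.1.1.5
SHA256_WITH_RSA_DER = bytes.fromhex("06092a864886f70d01010b")  # 1.2.840.113549.1.1.11

# Dotted OID -> (algorithm name, underlying hash function)
SIGNATURE_ALGORITHMS = {
    "1.2.840.113549.1.1.4": ("md5WithRSAEncryption", "md5"),
    "1.2.840.113549.1.1.5": ("sha1WithRSAEncryption", "sha1"),
    "1.2.840.113549.1.1.11": ("sha256WithRSAEncryption", "sha256"),
}

# Hash functions this vulnerability note says must not be used for signatures.
# A real deployment would extend this set as other digests are deprecated.
WEAK_HASHES = {"md5"}


def decode_der_oid(der: bytes) -> str:
    """Decode a short-form DER OBJECT IDENTIFIER (tag 0x06) into dotted notation."""
    if len(der) < 3 or der[0] != 0x06:
        raise ValueError("not a DER OBJECT IDENTIFIER")
    length = der[1]
    if length & 0x80 or len(der) != 2 + length:
        raise ValueError("unsupported or truncated OID length")
    body = der[2:]
    # The first byte packs the first two arcs: 40 * arc1 + arc2.
    first = body[0]
    arcs = [2, first - 80] if first >= 80 else list(divmod(first, 40))
    value, pending = 0, False
    for b in body[1:]:  # remaining arcs are base-128 with a continuation bit
        value = (value << 7) | (b & 0x7F)
        pending = bool(b & 0x80)
        if not pending:
            arcs.append(value)
            value = 0
    if pending:
        raise ValueError("truncated OID sub-identifier")
    return ".".join(str(a) for a in arcs)


def classify_signature(der_oid: bytes) -> dict:
    """Name the signature algorithm and say whether its hash is weak under this note."""
    dotted = decode_der_oid(der_oid)
    name, digest = SIGNATURE_ALGORITHMS.get(dotted, (dotted, "unknown"))
    return {"oid": dotted, "name": name, "hash": digest, "weak": digest in WEAK_HASHES}


def find_weak_signatures(chain: list) -> list:
    """Return the labels of chain entries [(label, der_oid), ...] signed with a weak hash."""
    return [label for label, oid in chain if classify_signature(oid)["weak"]]


# Constructed sample chain: only the self-signed root carries an MD5 signature,
# which is exactly the case the note warns about (bundled MD5-signed roots).
SAMPLE_CHAIN = [
    ("leaf: www.example.test", SHA256_WITH_RSA_DER),
    ("intermediate: Example Issuing CA", SHA1_WITH_RSA_DER),
    ("root: Example Legacy Root (self-signed)", MD5_WITH_RSA_DER),
]

if __name__ == "__main__":
    for label, oid in SAMPLE_CHAIN:
        print(label, classify_signature(oid))
    print("weak signatures:", find_weak_signatures(SAMPLE_CHAIN))
```

In practice the OID bytes would be read from the `signatureAlgorithm` field of each certificate's DER encoding; the decoder above handles only the short-form length that OIDs of this size use, and raises on anything else rather than guessing.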
References
A number of individuals have previously published research on collision vulnerabilities in MD5 including but not limited to: Hans Dobbertin, Xiaoyun Wang, Hongbo Yu, Alexander Sotirov, Marc Stevens, Jacob Appelbaum, Arjen Lenstra, David Molnar, Dag Arne Osvik, Benne de Weger, Dan Kaminsky, and Gerardo Richarte. This document was written by Chad R Dougherty.
Original Source
Url : http://www.kb.cert.org/vuls/id/836068 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-310 | Cryptographic Issues |
OVAL Definitions
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | | 1 |
OpenVAS Exploits
Date | Description |
---|---|
2009-03-20 | Name : Ubuntu USN-735-1 (gst-plugins-base0.10) File : nvt/ubuntu_735_1.nasl |
2009-03-20 | Name : Ubuntu USN-736-1 (gst-plugins-good0.10) File : nvt/ubuntu_736_1.nasl |
2009-03-20 | Name : Ubuntu USN-737-1 (libsoup) File : nvt/ubuntu_737_1.nasl |
2009-03-20 | Name : Ubuntu USN-739-1 (amarok) File : nvt/ubuntu_739_1.nasl |
2009-03-20 | Name : Ubuntu USN-740-1 (firefox) File : nvt/ubuntu_740_1.nasl |
2009-02-10 | Name : Fedora Core 9 FEDORA-2009-1276 (nss) File : nvt/fcore_2009_1276.nasl |
2009-02-10 | Name : Fedora Core 10 FEDORA-2009-1291 (nss) File : nvt/fcore_2009_1291.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
45127 | MD5 Algorithm Hash Function Collision Weakness |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2016-12-08 | Name : A known CA SSL certificate in the certificate chain has been signed using a w... File : ssl_weak_hash_ca.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Fedora host is missing a security update. File : fedora_2009-1291.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-740-1.nasl - Type : ACT_GATHER_INFO |
2009-02-05 | Name : The remote Fedora host is missing a security update. File : fedora_2009-1276.nasl - Type : ACT_GATHER_INFO |
2009-01-05 | Name : An SSL certificate in the certificate chain has been signed using a weak hash... File : ssl_weak_hash.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Information |
---|---|
2016-12-09 13:25:25 | |
2014-02-17 12:08:12 | |
2013-05-11 12:26:45 | |