MD5 Vulnerability in X.509 Certificate Signatures by RSA Security
CVE-2004-2761

Currently unrated

Key Information:

Vendor: Ietf
Status: Md5
Vendor: CVE Published:; 5 January 2009

Summary

The MD5 hashing algorithm exhibits weaknesses in collision resistance, leading to potential spoofing attacks. Attackers can exploit this vulnerability, primarily in the signature algorithm of X.509 certificates, to create false certificates. This poses significant risks, as it undermines the integrity of secure communications, allowing malicious actors to impersonate legitimate entities and potentially compromise sensitive data.

References

http://www.securityfocus.com/bid/33065

vdb-entryx_refsource_BID

https://rhn.redhat.com/errata/RHSA-2010-0837.html

vendor-advisoryx_refsource_REDHAT

http://www.phreedom.org/research/rogue-ca/

x_refsource_MISC

EPSS Score

10% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jan 5, 2009
Vulnerability Reserved
Jan 5, 2009