Rapid7 Vulnerability & Exploit Database

MD5-based Signature in TLS/SSL Server X.509 Certificate

Back to Search

MD5-based Signature in TLS/SSL Server X.509 Certificate

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:P/A:N)

Published

08/17/2004

Created

07/25/2018

Added

01/05/2009

Modified

02/13/2015

Description

Multiple weaknesses exist in the MD5 cryptographic hash function, which make it insecure when used to sign X.509 certificates. Namely:

In August 2004, Xiaoyun Wang, Dengguo Feng, Xuejia Lai, and Hongbo Yu published the results of a collision attack.
In October 2006, Marc Stevens, Arjen K. Lenstra, and Benne de Weger produced a pair of colliding X.509 certificates for different identities. The method used to produce them was later published in the EuroCrypt 2007 Proceedings, and described as one practical application of chosen-prefix collision attacks.
In December 2008, a larger team of security researchers used this attack to create a rogue CA certificate, allowing them to impersonate any website on the Internet, including banking and e-commerce sites secured using the HTTPS protocol.

Solution(s)

fix-tls-server-cert-sig-alg-md5

References

https://attackerkb.com/topics/cve-2004-2761
33065
836068
CVE - 2004-2761
RHSA-2010:0837
RHSA-2010:0838
http://blogs.technet.com/swi/archive/2008/12/30/information-regarding-md5-collisions-problem.aspx
http://www.microsoft.com/technet/security/advisory/961509.mspx

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

MD5-based Signature in TLS/SSL Server X.509 Certificate