First published: Tue Dec 30 2008(Updated: )
The MD5 Message-Digest Algorithm is not collision resistant, which makes it easier for context-dependent attackers to conduct spoofing attacks, as demonstrated by attacks on the use of MD5 in the signature algorithm of an X.509 certificate.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/rhpki-ca | <0:7.3.0-21.el4 | 0:7.3.0-21.el4 |
redhat/rhpki-common | <0:7.3.0-41.el4 | 0:7.3.0-41.el4 |
redhat/rhpki-util | <0:7.3.0-21.el4 | 0:7.3.0-21.el4 |
redhat/pki-ca | <0:8.0.7-1.el5 | 0:8.0.7-1.el5 |
redhat/pki-common | <0:8.0.6-2.el5 | 0:8.0.6-2.el5 |
redhat/pki-util | <0:8.0.5-1.el5 | 0:8.0.5-1.el5 |
IETF MD5 | ||
IETF X.509 Certificate |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2004-2761 is classified as a high severity vulnerability due to its potential to allow spoofing attacks.
To mitigate CVE-2004-2761, upgrade to the latest versions of affected packages such as rhpki-ca 0:7.3.0-21.el4 or pki-ca 0:8.0.7-1.el5.
Affected software includes various Red Hat packages such as rhpki-ca, rhpki-common, and pki-ca.
CVE-2004-2761 exploits the collision resistance weakness of the MD5 Message-Digest Algorithm.
Yes, CVE-2004-2761 can significantly affect the integrity of X.509 certificates by making them vulnerable to spoofing.