First published: Wed Dec 09 2015(Updated: )
A flaw was found in the way TLS 1.2 could use the MD5 hash function for signing ServerKeyExchange and Client Authentication packets during a TLS handshake. A man-in-the-middle attacker able to force a TLS connection to use the MD5 hash function could use this flaw to conduct collision attacks to impersonate a TLS server or an authenticated TLS client.
Credit: secalert@redhat.com secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/java | <1.7.0-oracle-1:1.7.0.95-1jpp.1.el5_11 | 1.7.0-oracle-1:1.7.0.95-1jpp.1.el5_11 |
redhat/java | <1.8.0-oracle-1:1.8.0.71-1jpp.1.el6_7 | 1.8.0-oracle-1:1.8.0.71-1jpp.1.el6_7 |
redhat/java | <1.7.0-oracle-1:1.7.0.95-1jpp.1.el6_7 | 1.7.0-oracle-1:1.7.0.95-1jpp.1.el6_7 |
redhat/java | <1.8.0-oracle-1:1.8.0.71-1jpp.1.el7 | 1.8.0-oracle-1:1.8.0.71-1jpp.1.el7 |
redhat/java | <1.7.0-oracle-1:1.7.0.95-1jpp.2.el7 | 1.7.0-oracle-1:1.7.0.95-1jpp.2.el7 |
redhat/java | <1.7.0-openjdk-1:1.7.0.95-2.6.4.1.el5_11 | 1.7.0-openjdk-1:1.7.0.95-2.6.4.1.el5_11 |
redhat/java | <1.7.0-ibm-1:1.7.0.9.30-1jpp.1.el5 | 1.7.0-ibm-1:1.7.0.9.30-1jpp.1.el5 |
redhat/java | <1.6.0-ibm-1:1.6.0.16.20-1jpp.1.el5 | 1.6.0-ibm-1:1.6.0.16.20-1jpp.1.el5 |
redhat/nss | <0:3.19.1-8.el6_7 | 0:3.19.1-8.el6_7 |
redhat/openssl | <0:1.0.1e-42.el6_7.2 | 0:1.0.1e-42.el6_7.2 |
redhat/gnutls | <0:2.8.5-19.el6_7 | 0:2.8.5-19.el6_7 |
redhat/java | <1.8.0-openjdk-1:1.8.0.71-1.b15.el6_7 | 1.8.0-openjdk-1:1.8.0.71-1.b15.el6_7 |
redhat/java | <1.7.0-openjdk-1:1.7.0.95-2.6.4.0.el6_7 | 1.7.0-openjdk-1:1.7.0.95-2.6.4.0.el6_7 |
redhat/java | <1.7.1-ibm-1:1.7.1.3.30-1jpp.2.el6_7 | 1.7.1-ibm-1:1.7.1.3.30-1jpp.2.el6_7 |
redhat/java | <1.6.0-ibm-1:1.6.0.16.20-1jpp.1.el6_7 | 1.6.0-ibm-1:1.6.0.16.20-1jpp.1.el6_7 |
redhat/nss | <0:3.19.1-19.el7_2 | 0:3.19.1-19.el7_2 |
redhat/openssl | <1:1.0.1e-51.el7_2.2 | 1:1.0.1e-51.el7_2.2 |
redhat/gnutls | <0:3.3.8-14.el7_2 | 0:3.3.8-14.el7_2 |
redhat/java | <1.8.0-openjdk-1:1.8.0.71-2.b15.el7_2 | 1.8.0-openjdk-1:1.8.0.71-2.b15.el7_2 |
redhat/java | <1.7.0-openjdk-1:1.7.0.95-2.6.4.0.el7_2 | 1.7.0-openjdk-1:1.7.0.95-2.6.4.0.el7_2 |
redhat/java | <1.8.0-ibm-1:1.8.0.2.10-1jpp.1.el7 | 1.8.0-ibm-1:1.8.0.2.10-1jpp.1.el7 |
redhat/java | <1.7.1-ibm-1:1.7.1.3.30-1jpp.1.el7 | 1.7.1-ibm-1:1.7.1.3.30-1jpp.1.el7 |
redhat/java | <1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5 | 1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5 |
redhat/java | <1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7 | 1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7 |
redhat/spacewalk-java | <0:2.0.2-109.el6 | 0:2.0.2-109.el6 |
redhat/spacewalk-java | <0:2.3.8-146.el6 | 0:2.3.8-146.el6 |
Mozilla Network Security Services | <=3.20.1 | |
openSUSE Leap | =42.1 | |
openSUSE openSUSE | =13.1 | |
openSUSE openSUSE | =13.2 | |
Mozilla Firefox ESR | =38.0 | |
Mozilla Firefox ESR | =38.0.1 | |
Mozilla Firefox ESR | =38.0.5 | |
Mozilla Firefox ESR | =38.1.0 | |
Mozilla Firefox ESR | =38.1.1 | |
Mozilla Firefox ESR | =38.2.0 | |
Mozilla Firefox ESR | =38.2.1 | |
Mozilla Firefox ESR | =38.3.0 | |
Mozilla Firefox ESR | =38.4.0 | |
Mozilla Firefox ESR | =38.5.0 | |
Mozilla Firefox ESR | =38.5.1 | |
Canonical Ubuntu Linux | =14.04 | |
Canonical Ubuntu Linux | =15.04 | |
Canonical Ubuntu Linux | =15.10 | |
Mozilla Firefox | <=43.0.1 | |
Mozilla Firefox | =38.0 | |
Mozilla Firefox | =38.0.1 | |
Mozilla Firefox | =38.0.5 | |
Mozilla Firefox | =38.1.0 | |
Mozilla Firefox | =38.1.1 | |
Mozilla Firefox | =38.2.0 | |
Mozilla Firefox | =38.2.1 | |
Mozilla Firefox | =38.3.0 | |
Mozilla Firefox | =38.4.0 | |
Mozilla Firefox | =38.5.0 | |
Mozilla Firefox | =38.5.1 | |
IBM Cognos Analytics | <=12.0.0-12.0.3 | |
IBM Cognos Analytics | <=11.2.0-11.2.4 FP4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Appears in the following advisories)