VDB
CVE-2004-2761
CVE-2004-2761
PUBLISHED
CVSS 5 MEDIUM
The MD5 Message-Digest Algorithm is not collision resistant, which makes it easier for context-dependent attackers to conduct spoofing attacks, as demonstrated by attacks on the use of MD5 in the signature algorithm of an X.509 certificate.
EPSS 8.46% · 92.5th percentile
Risk Scores
CVSS 2.0
5
EPSS Score
8.46%
92.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| ietf | md5 |
Exploit Intelligence
- 33065 (circl)
- RHSA-2010:0837 (circl)
- http://www.phreedom.org/research/rogue-ca/ (circl)
- VU#836068 (circl)
- 4866 (circl)
- http://blog.mozilla.com/security/2008/12/30/md5-weaknesses-could-lead-to-certificate-forgery/ (circl)
- 20090115 MD5 Hashes May Allow for Certificate Spoofing (circl)
- http://www.win.tue.nl/hashclash/SoftIntCodeSign/ (circl)
- 33826 (circl)
- 34281 (circl)
…and 20 more exploits
Timeline
- Dec 7, 2004 PoC Published
- Dec 30, 2008 CVE Published
- Feb 4, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
- Sep 8, 2023 EPSS Score
- Dec 22, 2023 EPSS Score
References
- https://www.moxa.com/en/support/product-support/security-advisory/oncell-g3150a-lte-series-multiple-web-application-vulnerabilities-and-security-enhancement advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=648886 issue
- 33065 vdb
- RHSA-2010:0837 vendor-advisory
- http://www.phreedom.org/research/rogue-ca/ url
- VU#836068 third-party-advisory
- 4866 third-party-advisory
- http://blog.mozilla.com/security/2008/12/30/md5-weaknesses-could-lead-to-certificate-forgery/ url
- 20090115 MD5 Hashes May Allow for Certificate Spoofing vendor-advisory
- http://www.win.tue.nl/hashclash/SoftIntCodeSign/ url
- 33826 third-party-advisory
- 34281 third-party-advisory
- http://www.microsoft.com/technet/security/advisory/961509.mspx url
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03814en_us url
- http://blogs.technet.com/swi/archive/2008/12/30/information-regarding-md5-collisions-problem.aspx url
- http://www.doxpara.com/research/md5/md5_someday.pdf url
- https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02 url
- RHSA-2010:0838 vendor-advisory
- https://blogs.verisign.com/ssl-blog/2008/12/on_md5_vulnerabilities_and_mit.php url
- USN-740-1 vendor-advisory
…and 12 more