IETF RFC 3279 X.509 Certificate MD5 Signature Collision Vulnerability

Bugtraq ID: 33065
Class: Design Error
CVE: CVE-2004-2761
Remote: Yes
Local: No
Published: Dec 30 2008 12:00AM
Updated: Sep 16 2014 12:06AM
Credit: Alexander Sotirov, Marc Stevens, Jacob Appelbaum, Arjen Lenstra, David Molnar, Dag Arne Osvik, and Benne de Weger.
Vulnerable: Yamaha SRT100 0
Yamaha RTX3000 0
Yamaha RTX2000
Yamaha RTX1500
Yamaha RTX1100
Yamaha RTX1000
Yamaha RTV700
Yamaha RT300i
Yamaha RT107e 0
Yamaha RT105
Yamaha RT104 0
Ubuntu Ubuntu Linux 8.10 sparc
Ubuntu Ubuntu Linux 8.10 powerpc
Ubuntu Ubuntu Linux 8.10 lpia
Ubuntu Ubuntu Linux 8.10 i386
Ubuntu Ubuntu Linux 8.10 amd64
Ubuntu Ubuntu Linux 8.04 LTS sparc
Ubuntu Ubuntu Linux 8.04 LTS powerpc
Ubuntu Ubuntu Linux 8.04 LTS lpia
Ubuntu Ubuntu Linux 8.04 LTS i386
Ubuntu Ubuntu Linux 8.04 LTS amd64
Ubuntu Ubuntu Linux 7.10 sparc
Ubuntu Ubuntu Linux 7.10 powerpc
Ubuntu Ubuntu Linux 7.10 lpia
Ubuntu Ubuntu Linux 7.10 i386
Ubuntu Ubuntu Linux 7.10 amd64
Ubuntu Ubuntu Linux 6.06 LTS sparc
Ubuntu Ubuntu Linux 6.06 LTS powerpc
Ubuntu Ubuntu Linux 6.06 LTS i386
Ubuntu Ubuntu Linux 6.06 LTS amd64
RedHat Certificate Server 7.3
Mozilla Network Security Services (NSS) 3.11.3
Mozilla Network Security Services (NSS) 3.12
Mozilla Network Security Services (NSS) 3.11
IETF RFC 3279: Algorithms and Identifiers for the Inter 0
Cisco IOS CA 0
Not Vulnerable: Mozilla Network Security Services (NSS) 3.12.2


 

Privacy Statement
Copyright 2010, SecurityFocus