mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
187 lines
7.3 KiB
JSON
187 lines
7.3 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "cve@mitre.org",
|
|
"ID": "CVE-2004-2761",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "n/a",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "The MD5 Message-Digest Algorithm is not collision resistant, which makes it easier for context-dependent attackers to conduct spoofing attacks, as demonstrated by attacks on the use of MD5 in the signature algorithm of an X.509 certificate."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"name": "33065",
|
|
"refsource": "BID",
|
|
"url": "http://www.securityfocus.com/bid/33065"
|
|
},
|
|
{
|
|
"name": "RHSA-2010:0837",
|
|
"refsource": "REDHAT",
|
|
"url": "https://rhn.redhat.com/errata/RHSA-2010-0837.html"
|
|
},
|
|
{
|
|
"name": "http://www.phreedom.org/research/rogue-ca/",
|
|
"refsource": "MISC",
|
|
"url": "http://www.phreedom.org/research/rogue-ca/"
|
|
},
|
|
{
|
|
"name": "VU#836068",
|
|
"refsource": "CERT-VN",
|
|
"url": "http://www.kb.cert.org/vuls/id/836068"
|
|
},
|
|
{
|
|
"name": "4866",
|
|
"refsource": "SREASON",
|
|
"url": "http://securityreason.com/securityalert/4866"
|
|
},
|
|
{
|
|
"name": "http://blog.mozilla.com/security/2008/12/30/md5-weaknesses-could-lead-to-certificate-forgery/",
|
|
"refsource": "MISC",
|
|
"url": "http://blog.mozilla.com/security/2008/12/30/md5-weaknesses-could-lead-to-certificate-forgery/"
|
|
},
|
|
{
|
|
"name": "20090115 MD5 Hashes May Allow for Certificate Spoofing",
|
|
"refsource": "CISCO",
|
|
"url": "http://www.cisco.com/en/US/products/products_security_response09186a0080a5d24a.html"
|
|
},
|
|
{
|
|
"name": "http://www.win.tue.nl/hashclash/SoftIntCodeSign/",
|
|
"refsource": "MISC",
|
|
"url": "http://www.win.tue.nl/hashclash/SoftIntCodeSign/"
|
|
},
|
|
{
|
|
"name": "33826",
|
|
"refsource": "SECUNIA",
|
|
"url": "http://secunia.com/advisories/33826"
|
|
},
|
|
{
|
|
"name": "34281",
|
|
"refsource": "SECUNIA",
|
|
"url": "http://secunia.com/advisories/34281"
|
|
},
|
|
{
|
|
"name": "http://www.microsoft.com/technet/security/advisory/961509.mspx",
|
|
"refsource": "MISC",
|
|
"url": "http://www.microsoft.com/technet/security/advisory/961509.mspx"
|
|
},
|
|
{
|
|
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03814en_us",
|
|
"refsource": "CONFIRM",
|
|
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03814en_us"
|
|
},
|
|
{
|
|
"name": "http://blogs.technet.com/swi/archive/2008/12/30/information-regarding-md5-collisions-problem.aspx",
|
|
"refsource": "MISC",
|
|
"url": "http://blogs.technet.com/swi/archive/2008/12/30/information-regarding-md5-collisions-problem.aspx"
|
|
},
|
|
{
|
|
"name": "http://www.doxpara.com/research/md5/md5_someday.pdf",
|
|
"refsource": "MISC",
|
|
"url": "http://www.doxpara.com/research/md5/md5_someday.pdf"
|
|
},
|
|
{
|
|
"name": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02",
|
|
"refsource": "MISC",
|
|
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02"
|
|
},
|
|
{
|
|
"name": "RHSA-2010:0838",
|
|
"refsource": "REDHAT",
|
|
"url": "https://rhn.redhat.com/errata/RHSA-2010-0838.html"
|
|
},
|
|
{
|
|
"name": "https://blogs.verisign.com/ssl-blog/2008/12/on_md5_vulnerabilities_and_mit.php",
|
|
"refsource": "MISC",
|
|
"url": "https://blogs.verisign.com/ssl-blog/2008/12/on_md5_vulnerabilities_and_mit.php"
|
|
},
|
|
{
|
|
"name": "USN-740-1",
|
|
"refsource": "UBUNTU",
|
|
"url": "http://www.ubuntu.com/usn/usn-740-1"
|
|
},
|
|
{
|
|
"name": "1024697",
|
|
"refsource": "SECTRACK",
|
|
"url": "http://securitytracker.com/id?1024697"
|
|
},
|
|
{
|
|
"name": "FEDORA-2009-1276",
|
|
"refsource": "FEDORA",
|
|
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00096.html"
|
|
},
|
|
{
|
|
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05336888",
|
|
"refsource": "CONFIRM",
|
|
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05336888"
|
|
},
|
|
{
|
|
"name": "20081230 MD5 Considered Harmful Today: Creating a rogue CA certificate",
|
|
"refsource": "BUGTRAQ",
|
|
"url": "http://www.securityfocus.com/archive/1/499685/100/0/threaded"
|
|
},
|
|
{
|
|
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289935",
|
|
"refsource": "CONFIRM",
|
|
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289935"
|
|
},
|
|
{
|
|
"name": "42181",
|
|
"refsource": "SECUNIA",
|
|
"url": "http://secunia.com/advisories/42181"
|
|
},
|
|
{
|
|
"name": "http://www.win.tue.nl/hashclash/rogue-ca/",
|
|
"refsource": "MISC",
|
|
"url": "http://www.win.tue.nl/hashclash/rogue-ca/"
|
|
},
|
|
{
|
|
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=648886",
|
|
"refsource": "CONFIRM",
|
|
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=648886"
|
|
}
|
|
]
|
|
}
|
|
} |