Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 HTTP:STC:SSL:MD5-SIGNATURE

Severity

 Medium

Recommended

 No

Category

 HTTP

Keywords

 SSL Certificate Signed With MD5 Hash

Release Date

 2008/12/30

Update Number

 1339

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: SSL Certificate Signed With MD5 Hash


This signature detects SSL certificates that have been signed using the MD5 hash algorithm. Known weaknesses in the MD5 algorithm allow for certificates signed with it to be spoofed by attackers. The certificate detected by this signature could potentially be illegitimate. All certificates in the signing chain are checked.

Extended Description

X.509 certificates are prone to a signature-collision attack when signed with the MD5 algorithm. Attackers may take advantage of this issue to generate pairs of different, valid X.509 certificates that share a common signature. An attacker is most likely to exploit this issue to conduct phishing attacks or to impersonate legitimate sites by taking advantage of malicious certificates. Other attacks are likely possible. NOTE: This attack is an extension of the weakness covered in BID 11849 (MD5 Message Digest Algorithm Hash Collision Weakness).

Affected Products

  • Cisco IOS CA
  • IETF RFC 3279: Algorithms and Identifiers for the Inter
  • Mozilla Network Security Services (NSS) 3.11
  • Mozilla Network Security Services (NSS) 3.11.3
  • Mozilla Network Security Services (NSS) 3.12
  • Red Hat Certificate Server 7.3
  • Red Hat Certificate System 8
  • Ubuntu Ubuntu Linux 6.06 LTS Amd64
  • Ubuntu Ubuntu Linux 6.06 LTS I386
  • Ubuntu Ubuntu Linux 6.06 LTS Powerpc
  • Ubuntu Ubuntu Linux 6.06 LTS Sparc
  • Ubuntu Ubuntu Linux 7.10 Amd64
  • Ubuntu Ubuntu Linux 7.10 I386
  • Ubuntu Ubuntu Linux 7.10 Lpia
  • Ubuntu Ubuntu Linux 7.10 Powerpc
  • Ubuntu Ubuntu Linux 7.10 Sparc
  • Ubuntu Ubuntu Linux 8.04 LTS Amd64
  • Ubuntu Ubuntu Linux 8.04 LTS I386
  • Ubuntu Ubuntu Linux 8.04 LTS Lpia
  • Ubuntu Ubuntu Linux 8.04 LTS Powerpc
  • Ubuntu Ubuntu Linux 8.04 LTS Sparc
  • Ubuntu Ubuntu Linux 8.10 Amd64
  • Ubuntu Ubuntu Linux 8.10 I386
  • Ubuntu Ubuntu Linux 8.10 Lpia
  • Ubuntu Ubuntu Linux 8.10 Powerpc
  • Ubuntu Ubuntu Linux 8.10 Sparc
  • Yamaha RT104
  • Yamaha RT105
  • Yamaha RT107e
  • Yamaha RT300i
  • Yamaha RTV700
  • Yamaha RTX1000
  • Yamaha RTX1100
  • Yamaha RTX1500
  • Yamaha RTX2000
  • Yamaha RTX3000
  • Yamaha SRT100

References

  • BugTraq: 33065
  • CVE: CVE-2008-5448
  • CVE: CVE-2003-0543
  • CVE: CVE-2004-0748
  • URL: http://www.win.tue.nl/hashclash/rogue-ca/

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out