626 matches found
CVE-2009-2409
CVE-2009-2409 involves MD2 use in X.509 certificate signatures across NSS, GnuTLS, and OpenSSL. Root cause: MD2 hash weaknesses allow forging/collision-based certificate spoofing; public updates disable/avoid MD2 and patch implementations. Affected components include NSS library (Firefox usage), ...
CVE-2009-2409
The Network Security Services NSS library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote attackers to spoof certificates by using MD2 design flaws to generate a hash...
PT-2009-1143
Name of the Vulnerable Software and Affected Versions MD5 affected versions not specified Description The MD5 Message-Digest Algorithm lacks collision resistance, making it easier for attackers to conduct spoofing attacks. This issue has been demonstrated through attacks on the use of MD5 in the...
security flaw
The page cache feature in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 can generate hash collisions that cause page data to be appended to the wrong page cache, which allows remote attackers to obtain sensitive information or enable further attack vectors whe...
MD5 - Message Digest Algorithm Hash Collision
MD5 - Message Digest Algorithm Hash Collision source: https://www.securityfocus.com/bid/11849/info The MD5 algorithm is reported prone to a hash collision weakness. This weakness reportedly allows attackers to create multiple, differing input sources that, when the MD5 algorithm is used, result i...
MD5 - Message Digest Algorithm Hash Collision
source: https://www.securityfocus.com/bid/11849/info The MD5 algorithm is reported prone to a hash collision weakness. This weakness reportedly allows attackers to create multiple, differing input sources that, when the MD5 algorithm is used, result in the same output fingerprint. It has been...