Vigil@nce: Firefox, GnuTLS, OpenSSL, NSPR, NSS, signature with MD2 for X.509
August 2009 by Vigil@nce
An attacker can invite the victim to connect to an SSL site using an
X.509 certificate signed with MD2, in order to deceive the victim.
Severity: 1/4
Consequences: data reading
Provenance: internet server
Means of attack: no proof of concept, no attack
Ability of attacker: expert (4/4)
Confidence: confirmed by the editor (5/5)
Diffusion of the vulnerable configuration: high (3/3)
Creation date: 31/07/2009
IMPACTED PRODUCTS
– Mozilla Firefox
– OpenSSL
– Red Hat Enterprise Linux
– Unix - platform
DESCRIPTION OF THE VULNERABILITY
The MD2 hash algorithm is considered weak (an attacker with
sufficient resources can create a collision).
However, certificates with an MD2 signature are still allowed by
some cryptographic implementations. An attacker can create a fake
X.509 certificate with an MD2 signature that appears valid to this
software.
An attacker can therefore invite the victim to connect to an SSL
site using an X.509 certificate signed with MD2, in order to
deceive the victim.
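A defensive check for the condition described above, added here as an example (it is not code from Vigil@nce or from any of the listed products): it reads the signatureAlgorithm OID from a DER-encoded certificate and reports whether it is md2WithRSAEncryption. The function names and the two sample inputs are assumptions; the samples are constructed skeletons, not real certificates.

```python
# Added example: report whether a DER certificate's signature algorithm is MD2.
MD2_WITH_RSA = "1.2.840.113549.1.1.2"  # md2WithRSAEncryption (PKCS #1)

def read_tlv(buf, pos):
    """Return (tag, value_start, value_end) of the DER element at pos."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits count the length bytes
        n = length & 0x7F
        if not 1 <= n <= 4:
            raise ValueError("unsupported DER length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, pos, pos + length

def decode_oid(body):
    """Decode OBJECT IDENTIFIER content bytes into dotted notation."""
    arcs, value = [], 0
    for byte in body:
        value = (value << 7) | (byte & 0x7F)
        if not byte & 0x80:  # high bit clear ends this arc
            arcs.append(value)
            value = 0
    head = min(arcs[0] // 40, 2)  # first value packs the first two arcs
    return ".".join(map(str, [head, arcs[0] - 40 * head] + arcs[1:]))

def signature_oid(cert):
    """Return the OID of the outer Certificate.signatureAlgorithm field."""
    tag, start, _ = read_tlv(cert, 0)                # Certificate SEQUENCE
    tbs_tag, _, tbs_end = read_tlv(cert, start)      # tbsCertificate, skipped
    alg_tag, alg_start, _ = read_tlv(cert, tbs_end)  # AlgorithmIdentifier
    oid_tag, oid_start, oid_end = read_tlv(cert, alg_start)
    if (tag, tbs_tag, alg_tag, oid_tag) != (0x30, 0x30, 0x30, 0x06):
        raise ValueError("not an X.509 certificate structure")
    return decode_oid(cert[oid_start:oid_end])

def is_md2_signed(cert):
    return signature_oid(cert) == MD2_WITH_RSA

def der_tlv(tag, body):  # short-form lengths only; enough for the samples
    return bytes([tag, len(body)]) + body

def sample(oid_hex):
    """Constructed skeleton (not a real certificate) with the given OID."""
    alg = der_tlv(0x30, der_tlv(0x06, bytes.fromhex(oid_hex)) + der_tlv(0x05, b""))
    tbs = der_tlv(0x30, der_tlv(0x02, b"\x01"))
    return der_tlv(0x30, tbs + alg + der_tlv(0x03, b"\x00"))

MD2_SAMPLE = sample("2a864886f70d010102")     # md2WithRSAEncryption
SHA256_SAMPLE = sample("2a864886f70d01010b")  # sha256WithRSAEncryption
```

For a PEM file, convert it first with `ssl.PEM_cert_to_DER_cert` from the Python standard library, and run the check on every certificate in the chain presented by the server.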
CHARACTERISTICS
Identifiers: 510197, CVE-2009-2409, RHSA-2009:1184-01,
RHSA-2009:1186-01, RHSA-2009:1190-01, VIGILANCE-VUL-8909
Pointed by: VIGILANCE-ACTU-1847, VIGILANCE-VUL-8906
http://vigilance.fr/vulnerability/Firefox-GnuTLS-OpenSSL-NSPR-NSS-signature-with-MD2-for-X-509-8909