Vigil@nce - Mozilla NSS, OpenSSL, Oracle Java: MD5 allowed in TLS 1.2
January 2016 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can create a MD5 collision in a TLS 1.2 session of
Mozilla NSS, in order to capture data belonging to this session.
Impacted products: Debian, Firefox, NSS, Java OpenJDK, OpenSSL,
openSUSE, openSUSE Leap, Java Oracle, RHEL, Ubuntu.
Severity: 1/4.
Creation date: 28/12/2015.
Revision date: 08/01/2016.
DESCRIPTION OF THE VULNERABILITY
The Mozilla NSS, OpenSSL and Oracle Java products implement TLS
version 1.2.
The MD5 hashing algorithm is weak. However, it is accepted in
signatures of TLS 1.2 ServerKeyExchange messages.
An attacker can therefore create a MD5 collision in a TLS 1.2
session of Mozilla NSS, OpenSSL or Oracle Java, in order to
capture data belonging to this session.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Mozilla-NSS-OpenSSL-Oracle-Java-MD5-allowed-in-TLS-1-2-18586