Описание
The default configuration on OpenSSL before 0.9.8 uses MD5 for creating message digests instead of a more cryptographically strong algorithm, which makes it easier for remote attackers to forge certificates with a valid certificate authority signature.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 0.9.8a-7ubuntu0.3 |
| devel | released | 0.9.8b-2ubuntu2 |
| edgy | released | 0.9.8b-2ubuntu2 |
| feisty | released | 0.9.8b-2ubuntu2 |
| upstream | needs-triage |
Показывать по
Ссылки на источники
EPSS
5 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
The default configuration on OpenSSL before 0.9.8 uses MD5 for creating message digests instead of a more cryptographically strong algorithm, which makes it easier for remote attackers to forge certificates with a valid certificate authority signature.
The default configuration on OpenSSL before 0.9.8 uses MD5 for creatin ...
The default configuration on OpenSSL before 0.9.8 uses MD5 for creating message digests instead of a more cryptographically strong algorithm, which makes it easier for remote attackers to forge certificates with a valid certificate authority signature.
EPSS
5 Medium
CVSS2
7.5 High
CVSS3