header-logo
Suggest Exploit
vendor:
Multiple products
by:
Unknown
7.5
CVSS
HIGH
Hash Collision
327
CWE
Product Name: Multiple products
Affected Version From: All versions using MD5 algorithm
Affected Version To: All versions using MD5 algorithm
Patch Exists: NO
Related CWE: CVE-2004-2761
CPE: a:md5_algorithm
Metasploit: https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2010-0837/https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2010-0838/
Other Scripts:
Platforms Tested:
Unknown

MD5 Hash Collision Weakness

The MD5 algorithm is prone to a hash collision weakness, allowing attackers to create multiple input sources that result in the same output fingerprint. This can be exploited to substitute a malicious file for an innocent one, potentially leading to the execution of malicious code or breaking non-repudiation properties of messages.

Mitigation:

It is recommended to review cryptosystems that use the MD5 algorithm and implement measures to protect against this weakness. Consider using alternative hashing algorithms in conjunction with or as a replacement for MD5.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/11849/info

The MD5 algorithm is reported prone to a hash collision weakness. This weakness reportedly allows attackers to create multiple, differing input sources that, when the MD5 algorithm is used, result in the same output fingerprint.

It has been demonstrated that attackers can create multiple input sources to MD5 that result in the same output fingerprint. Reportedly, at this time, attackers cannot generate arbitrary collisions. At this time, it is also reported that only a very limited number of individual bits in an input message may be altered while maintaining an identical output fingerprint.

This weakness may allow attackers to create two messages, or executable binaries such that their MD5 fingerprints are identical. One of these messages or binaries would be innocent, and the other malicious. The innocent message or binary may be digitally signed, and then later would have the malicious file substituted into its place. This attack may allow malicious code to be executed, or non-repudiation properties of messages to be broken.

At this time, preimage attacks are not reportedly possible.

It is recommended that cryptosystems that utilize the MD5 algorithm should be reviewed, and the measures should be taken to protect against this weakness. Other hashing algorithms may possibly be utilized in replacement to, or in conjunction with MD5 to decrease the likelihood of a successful attack.

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/24807.tar.gz

Navigation

Suggest Exploit

Services By CQR

cqrsecured