Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

This site is deprecated. Please CLICK HERE for latest updates

Short Name

 SSL:MD5-SIGNATURE-2

Severity

 Minor

Recommended

 No

Recommended Action

 Drop

Category

 SSL

Keywords

 SSL Certificate Signed With MD5 Hash (2)

Release Date

 2019/06/18

Update Number

 3181

Supported Platforms

 idp-4.0+, isg-3.4+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

SSL: SSL Certificate Signed With MD5 Hash (2)


This signature detects SSL certificates that have been signed using the MD5 hash algorithm. Known weaknesses in the MD5 algorithm allow for certificates signed with it to be spoofed by attackers. The certificate detected by this signature could potentially be illegitimate. All certificates in the signing chain are checked.

Extended Description

EMC VASA Provider Virtual Appliance versions 8.3.x and prior has an unauthenticated remote code execution vulnerability that could potentially be exploited by malicious users to compromise the affected system.

Affected Products

  • Emc vasa_provider_virtual_appliance 8.3.0

References

  • BugTraq: 99169
  • BugTraq: 33065
  • CVE: CVE-2017-11394
  • CVE: CVE-2016-8027
  • CVE: CVE-2017-4997
  • CVE: CVE-2008-5448
  • CVE: CVE-2004-0748
  • CVE: CVE-2003-0543
  • CVE: CVE-2017-10949
  • URL: http://www.win.tue.nl/hashclash/rogue-ca/

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out