Penetration Testing UK

CVE-2005-2946

CVE-2005-2946

Severity Score

5.0

Access Vector

NETWORK

Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

Summary

The default configuration on OpenSSL before 0.9.8 uses MD5 for creating message digests instead of a more cryptographically strong algorithm, which makes it easier for remote attackers to forge certificates with a valid certificate authority signature.

Learn more about our Penetration Testing services.