Description

The default configuration on OpenSSL before 0.9.8 uses MD5 for creating message digests instead of a more cryptographically strong algorithm, which makes it easier for remote attackers to forge certificates with a valid certificate authority signature.

Remediation

References

CVE-2005-2946

Related Vulnerabilities

WordPress Plugin WP Hotel Booking Cross-Site Request Forgery (1.10.5)

phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0312)

WordPress Plugin Simple visitor stat Cross-Site Scripting (1.0)

Joomla! Core 1.5.x Session Hijacking (1.5.0 - 1.5.8)

WordPress Plugin PDF & Print by BestWebSoft Cross-Site Scripting (1.7.4)

Severity

Medium

Classification

CVE-2005-2946

Tags

Missing Update Known Vulnerabilities