### [CVE-2004-2761](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2761)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

The MD5 Message-Digest Algorithm is not collision resistant, which makes it easier for context-dependent attackers to conduct spoofing attacks, as demonstrated by attacks on the use of MD5 in the signature algorithm of an X.509 certificate.

### POC

#### Reference
- http://securityreason.com/securityalert/4866
- http://www.phreedom.org/research/rogue-ca/
- http://www.ubuntu.com/usn/usn-740-1
- http://www.win.tue.nl/hashclash/SoftIntCodeSign/
- http://www.win.tue.nl/hashclash/rogue-ca/

#### Github
- https://github.com/ajread4/cve_pull