Rogue MD5 SSL Certificate Vulnerability

US-CERT is aware of a public report describing how MD5 collisions can be leveraged to generate rogue SSL CA certificates. A rogue CA certificate could be used by an attacker to generate valid SSL certificates for arbitrary web sites. Using these certificates in DNS redirection attacks, an attacker could spoof an SSL protected web site and obtain sensitive information.

US-CERT encourages users to review VU#836068 in the Vulnerability Notes Database. 

US-CERT will provide additional information as it becomes available.

SANS 2009

More than 35 courses, SANS top instructors, all in one great place! SANS 2009 is being held in Orlando, FL on March 2-9. Register today!

http://www.sans.org/info/35964/

TA08-352A: Microsoft Internet Explorer Data Binding Vulnerability

Microsoft Internet Explorer Data Binding Vulnerability

http://www.us-cert.gov/cas/techalerts/TA08-352A.html

VU#836068: MD5 vulnerable to collision attacks

Weaknesses in the MD5 algorithm allow for collisions in output. As a result,attackers can generate cryptographic tokens or other data that illegitimately appear to be authentic.

http://www.kb.cert.org/vuls/id/836068

T-025: Vulnerabilities in Microsoft XML Core Services

A remote code execution vulnerability exists in the way that Microsoft XML Core Services parses XML content. The
vulnerability could allow remote code execution if a user browses a Web site that contains specially crafted content or opens
specially crafted HTML e-mail. The risk is MEDIUM. An attacker who successfully exploited this vulnerability could take complete
control of an affected system.

http://doecirc.energy.gov/ciac/bulletins/t-025.shtml

<HTML><HEAD><META HTTP-EQUIV="Refresh" CONTENT="0.1">
<META HTTP-EQUIV="Pragma" CONTENT="no cache">
<META HTTP-EQUIV="Expires" CONTENT="-1">
</HEAD></HTML>