exploit the possibilities
Showing 1 - 1 of 1 RSS Feed


Posted Dec 7, 2004
Authored by Dan Kaminsky | Site doxpara.com

Collision vulnerabilities in MD5 Checksums - It is possible to create different executables which have the same md5 hash. The attacks remain limited, for now. The attack allows blocks in the checksumm'd file to be swapped out for other blocks without changing the final hash. This is an excellent vector for malicious developers to get unsafe code past a group of auditors, perhaps to acquire a required third party signature. Alternatively, build tools themselves could be compromised to embed safe versions of dangerous payloads in each build. A tool to demonstrate these vulnerabilities is available here.

tags | paper, vulnerability
MD5 | 5e1605409d78efd92cdce0d11489010b
Page 1 of 1

Top Authors In Last 30 Days

packet storm

© 2020 Packet Storm. All rights reserved.

Security Services
Hosting By