PT-2005-1108 · N/A+4 · Sha-1+4

Adi Shamir

Publicado

2005-02-15

Atualizado

2026-05-22

CVE-2005-4900

CVSS v3.1

6.3

Média

Vetor

AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions SHA-1 (affected versions not specified)

Description The issue is related to the SHA-1 algorithm not being collision resistant, making it easier for attackers to conduct spoofing attacks. This has been demonstrated by attacks on the use of SHA-1 in TLS 1.2. The SHA-1 algorithm is likely present in a large number of products across the entire IT sector.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Verification of Cryptographic Signature

Inadequate Encryption Strength

Use of a Broken Cryptographic Algorithm

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-347CWE-326CWE-327

Identificadores relacionados

ALT-PU-2016-1062

BDU:2023-07908

CVE-2005-4900

GHSA-M5M3-46GJ-WCH8

OPENSUSE-SU-2024:10786-1

OPENSUSE-SU-2024:10943-1

OPENSUSE-SU-2024:11377-1

SUSE-SU-2025:20049-1

Produtos afetados

Alt Linux

Fortios

Sha-1

Suse

Tls 1.2

PT-2005-1108 · N/A+4 · Sha-1+4

CVE-2005-4900

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 77