IBM has discovered a vulnerability in the MD5 signature and hash algorithm. [CVE-2015-7575]
This is the SLOTH (“Security Losses from Obsolete and Truncated Transcript Hashes”) attack. Simply put, the name refers to the loss of security caused by the continued use of obsolete and truncated hash constructs in major Internet protocols.
For example, it has been known since at least 2005 that MD5 signatures are cryptographically broken, yet they are still used in the TLS protocol today, even though collision attacks against MD5 have become far more practical in the meantime.
In addition, SLOTH is one of a series of recent attacks against the use of older cryptographic constructs, including POODLE, FREAK and Logjam.
(Source: https://lnkd.in/eViwQJZf)
Returning to the flaw itself, it has been reported that the TLS protocol could allow weaker-than-expected security because of a collision attack when the MD5 hash function is used to sign a ServerKeyExchange message during a TLS handshake.
An attacker could exploit this vulnerability using man-in-the-middle techniques to impersonate a TLS server and obtain credentials.
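The SLOTH precondition described above is that a peer is willing to accept MD5-based signatures in the TLS 1.2 signature_algorithms extension. The following is an added defensive check, not code from IBM's advisory or the SLOTH paper: it builds a constructed, minimal ClientHello (a placeholder cipher suite, zeroed random, no other extensions) and parses it to report which hash/signature pairs are offered, flagging any MD5 entry so an operator can confirm a client or server policy no longer advertises them.

```python
import struct

# TLS 1.2 SignatureAndHashAlgorithm pairs: (hash byte, signature byte), RFC 5246 §7.4.1.4.1
HASH_NAMES = {0: "none", 1: "md5", 2: "sha1", 3: "sha224", 4: "sha256", 5: "sha384", 6: "sha512"}
SIG_NAMES = {0: "anonymous", 1: "rsa", 2: "dsa", 3: "ecdsa"}
SIGNATURE_ALGORITHMS_EXT = 0x000D

def build_client_hello(sig_algs):
    """Construct a minimal TLS 1.2 ClientHello record offering the given (hash, sig) pairs."""
    ext_body = struct.pack("!H", 2 * len(sig_algs)) + b"".join(bytes(p) for p in sig_algs)
    ext = struct.pack("!HH", SIGNATURE_ALGORITHMS_EXT, len(ext_body)) + ext_body
    body = (b"\x03\x03" + b"\x00" * 32 + b"\x00"   # version 1.2, zeroed random, empty session id
            + b"\x00\x02\xc0\x2f"                   # one cipher suite (constructed placeholder)
            + b"\x01\x00"                           # null compression only
            + struct.pack("!H", len(ext)) + ext)    # extensions block
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body   # HandshakeType client_hello
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake

def offered_signature_algorithms(record):
    """Walk a ClientHello record and return the offered (hash, sig) pairs as names."""
    if record[0] != 0x16 or record[5] != 0x01:
        raise ValueError("not a ClientHello handshake record")
    pos = 9 + 2 + 32                                          # record + handshake headers, version, random
    pos += 1 + record[pos]                                    # session id
    pos += 2 + struct.unpack("!H", record[pos:pos + 2])[0]    # cipher suites
    pos += 1 + record[pos]                                    # compression methods
    end = pos + 2 + struct.unpack("!H", record[pos:pos + 2])[0]
    pos += 2
    pairs = []
    while pos < end:
        ext_type, ext_len = struct.unpack("!HH", record[pos:pos + 4])
        data = record[pos + 4:pos + 4 + ext_len]
        pos += 4 + ext_len
        if ext_type == SIGNATURE_ALGORITHMS_EXT:
            count = struct.unpack("!H", data[:2])[0] // 2
            for i in range(count):
                h, s = data[2 + 2 * i], data[3 + 2 * i]
                pairs.append((HASH_NAMES.get(h, hex(h)), SIG_NAMES.get(s, hex(s))))
    return pairs

def md5_signatures_offered(record):
    """Return the MD5-hashed signature schemes a peer advertises; non-empty means SLOTH-exposed."""
    return [p for p in offered_signature_algorithms(record) if p[0] == "md5"]
```

In practice you would feed this the first record captured from a real client, which carries more extensions than the constructed sample; the parser skips the ones it does not need.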
The base CVSS score for this vulnerability is 7.1.
To correct this problem, apply the corresponding PTF patch to each potentially affected machine or product.
We still advise you to check the migration level and version requirements before upgrading; the details are in the “Workarounds and Mitigations” section of the official IBM support alert page: https://lnkd.in/eSJthSmG