AFAIK all the current attacks on MD5 still require that the bad guy gets to pick *both* files.
Presumably we can trust that the people posting this security advisory are not auditing and
then hashing a file that was supplied by a "bad guy", but are instead working from known-good
sources -- so their hashes should be safe to use.
That said... seriously, everyone should be moving to SHA-256, just cuz. Convenient access to
SHA-1 (in the form of sha1sum) is probably still more widespread, though, and even it isn't
everywhere...
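The verification step the comment is talking about, as an added example that is not code from the thread or from the SquirrelMail project: it parses a checksum listing in the `md5sum`/`sha1sum`/`sha256sum` output format, recomputes the digests of the downloaded bytes, compares them in constant time, and reports the strongest algorithm that actually matched. The tarball bytes and the "advisory" text are constructed placeholders; the function and file names are the example's own.

```python
import hashlib
import hmac
from typing import Dict, Optional

# Constructed stand-in for the downloaded tarball bytes (not the real release).
FILENAME = "squirrelmail-1.4.13.tar.gz"
SAMPLE_TARBALL = b"squirrelmail-1.4.13.tar.gz: constructed placeholder contents\n"


def compute_digests(data: bytes, algorithms=("md5", "sha1", "sha256")) -> Dict[str, str]:
    """Return {algorithm: hex digest} for each requested hash of `data`."""
    return {name: hashlib.new(name, data).hexdigest() for name in algorithms}


def parse_checksum_lines(text: str) -> Dict[str, Dict[str, str]]:
    """Parse 'HEX  filename' lines as emitted by md5sum/sha1sum/sha256sum.

    The algorithm is inferred from the digest length (32 hex chars -> md5,
    40 -> sha1, 64 -> sha256). Malformed lines are skipped rather than trusted.
    Returns {filename: {algorithm: digest}}.
    """
    by_len = {32: "md5", 40: "sha1", 64: "sha256"}
    expected: Dict[str, Dict[str, str]] = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 2:
            continue
        digest, filename = parts[0].lower(), parts[-1].lstrip("*")  # '*' marks binary mode
        algo = by_len.get(len(digest))
        if algo is None or any(c not in "0123456789abcdef" for c in digest):
            continue
        expected.setdefault(filename, {})[algo] = digest
    return expected


def verify(data: bytes, expected: Dict[str, str]) -> Dict[str, bool]:
    """Compare computed digests with the published ones.

    Uses hmac.compare_digest so the comparison time does not leak how many
    leading characters matched. Only algorithms that were published are checked.
    """
    actual = compute_digests(data, tuple(expected))
    return {algo: hmac.compare_digest(actual[algo], expected[algo]) for algo in expected}


def strongest_verified(results: Dict[str, bool]) -> Optional[str]:
    """Return the strongest algorithm that matched, or None if nothing matched.

    A match on md5 alone is only as good as the trust placed in whoever
    published the digest, since collisions can be built for files the
    attacker chose; sha256 is the one to look for.
    """
    for algo in ("sha256", "sha1", "md5"):
        if results.get(algo):
            return algo
    return None


def constructed_advisory_text() -> str:
    """Build a checksum listing for the sample bytes, standing in for the advisory's list."""
    d = compute_digests(SAMPLE_TARBALL)
    return "\n".join(f"{d[a]}  {FILENAME}" for a in ("md5", "sha1", "sha256"))


def check_download(data: bytes, advisory_text: str, filename: str) -> Optional[str]:
    """End-to-end: parse the listing, verify `data`, report the strongest match."""
    listing = parse_checksum_lines(advisory_text).get(filename, {})
    return strongest_verified(verify(data, listing))


if __name__ == "__main__":
    adv = constructed_advisory_text()
    print("genuine download verified by:", check_download(SAMPLE_TARBALL, adv, FILENAME))
    print("tampered download verified by:", check_download(SAMPLE_TARBALL + b"x", adv, FILENAME))
```

A listing that publishes only an MD5 digest still yields a result, but `strongest_verified` reports `md5`, which is the cue that the download's integrity rests entirely on the publisher having hashed known-good sources.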
SquirrelMail 1.4.13 released - older versions compromised
Posted Dec 17, 2007 16:52 UTC (Mon) by wahern (subscriber, #37304)
It's a tarball. The attacker can insert any random data he pleases in creating the collision.
SquirrelMail 1.4.13 released - older versions compromised
Posted Dec 17, 2007 18:03 UTC (Mon) by proski (subscriber, #104)
I'm afraid you don't get it. Saying that the attacker must pick both files means that the attacker would need to influence the original file in addition to the one created by the attacker. If the attacker can add random data to the original tarball, we have a bigger problem, and the checksum is irrelevant.