VYPR
Medium severity (5.9) · NVD Advisory · Published Oct 14, 2016 · Updated May 6, 2026

CVE-2005-4900

Description

SHA-1 is not collision resistant, which makes it easier for context-dependent attackers to conduct spoofing attacks, as demonstrated by attacks on the use of SHA-1 in TLS 1.2. NOTE: this CVE exists to provide a common identifier for referencing this SHA-1 issue; the existence of an identifier is not, by itself, a technology recommendation.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

SHA-1 is not collision-resistant, enabling spoofing attacks; its use is deprecated in TLS 1.2 and other protocols due to practical collision discoveries.

Vulnerability

SHA-1 is not collision resistant, as demonstrated by practical identical-prefix collision attacks achieving complexity as low as 2^63 operations, well below the brute-force bound of 2^80 [1][2]. This weakness affects all uses of SHA-1 where collision resistance is required, including digital signatures, file integrity verification, and file identification. The vulnerability exists in the full SHA-1 hash function and is not limited to reduced-round versions [4]. The use of SHA-1 in TLS 1.2 allows context-dependent attackers to conduct spoofing attacks.

Exploitation

To exploit this vulnerability, an attacker must be able to find two distinct messages with the same SHA-1 hash (an identical-prefix collision). The attack is practical with current computing resources: the computational effort, estimated at 2^63 to 2^69 SHA-1 operations, is now feasible [2]. The attack does not require direct network access to the victim; it relies on the victim accepting a digitally signed or integrity-verified object whose content the attacker can control. The attacker would craft two messages, a benign one and a malicious one, that produce the same hash, then substitute the malicious message while the hash-based signature or integrity check still passes.

Impact

A successful collision allows an attacker to spoof digital signatures, file integrity checks, and file identification that depend on SHA-1. This can lead to masquerading as a trusted entity, bypassing security controls, or delivering malicious content under a valid hash. The impact on TLS 1.2 is that an attacker may forge a digital certificate or integrity-validated handshake message, enabling man-in-the-middle attacks or impersonation of a legitimate server. The effect is a loss of authenticity and integrity assurance, potentially escalating to further compromise.

Mitigation

Migration to collision-resistant hash functions such as SHA-256 or SHA-3 is the definitive mitigation [1]. NIST deprecated SHA-1 for digital signatures in 2011 and for all uses by 2016. TLS 1.2 implementations should disable SHA-1 cipher suites and reject certificate chains that rely on SHA-1. As of 2017, a practical collision attack (SHAttered) was demonstrated, reinforcing the urgency. No workaround preserves security; organizations must update systems to use a secure hash algorithm. There is no CVE-based fix; the vulnerability is inherent to the SHA-1 design.
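As an added illustration of the "no workaround" point (this is example code, not part of the advisory or of VYPR's tooling): an integrity-manifest verifier that refuses SHA-1 and MD5 entries outright instead of verifying them with a warning, and accepts only SHA-2/SHA-3 family digests. The manifest format, function names and sample files are constructed for this example.

```python
import hashlib
import hmac

# Digest algorithms acceptable for integrity/signature use under the mitigation above.
# SHA-1 and MD5 are rejected before any digest is computed: once collisions are
# practical, a matching digest proves nothing, so there is no "verify but warn" mode.
ALLOWED = {"sha256", "sha384", "sha512", "sha3_256", "sha3_512"}
WEAK = {"sha1", "md5"}


def verify_manifest(manifest: str, files: dict) -> list:
    """Check each `algo:hexdigest  name` line against the bytes in `files`.

    Returns a list of (name, algo, status) tuples, status being one of
    "ok", "mismatch", "weak-algorithm", "unknown" or "missing".
    """
    results = []
    for line in manifest.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        spec, name = line.split(None, 1)
        algo, _, expected = spec.partition(":")
        algo = algo.lower().replace("-", "_")  # accept "sha3-256" as well as "sha3_256"
        if algo in WEAK:
            results.append((name, algo, "weak-algorithm"))
            continue
        if algo not in ALLOWED:
            results.append((name, algo, "unknown"))
            continue
        data = files.get(name)
        if data is None:
            results.append((name, algo, "missing"))
            continue
        actual = hashlib.new(algo, data).hexdigest()
        # Constant-time comparison so the check does not leak how many leading bytes matched.
        ok = hmac.compare_digest(actual, expected.lower())
        results.append((name, algo, "ok" if ok else "mismatch"))
    return results


# Constructed sample input: two in-memory "files" and a manifest mixing algorithms.
# The sha1 entry is a correct digest for its data and is still rejected.
SAMPLE_FILES = {
    "release.tar": b"constructed release payload\n",
    "notes.txt": b"constructed notes\n",
}
SAMPLE_MANIFEST = "\n".join([
    "# algo:hexdigest  filename",
    "sha1:" + hashlib.sha1(SAMPLE_FILES["release.tar"]).hexdigest() + "  release.tar",
    "sha256:" + hashlib.sha256(SAMPLE_FILES["notes.txt"]).hexdigest() + "  notes.txt",
    "sha3_256:" + "00" * 32 + "  release.tar",  # deliberately wrong digest
    "sha256:" + "11" * 32 + "  absent.bin",      # file not supplied
])
```

Calling `verify_manifest(SAMPLE_MANIFEST, SAMPLE_FILES)` yields one tuple per entry; only the SHA-256 line for notes.txt comes back "ok".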

AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products: 5

Patches: 0 (no patches discovered yet)

Vulnerability mechanics: AI mechanics synthesis has not run for this CVE yet.

References: 11

News mentions: 0 (no linked articles in the index yet)