Quoting from http://www.phreedom.org/research/rogue-ca/
“As a proof of concept we executed a practical attack scenario and successfully created a rogue Certification Authority (CA) certificate trusted by all common web browsers. This certificate allows us to impersonate any website on the Internet, including banking and e-commerce sites secured using the HTTPS protocol.”
I wrote a program to look through the trusted certs that came with Firefox 3.0.4 for any CAs with MD5 signature algorithms.
UPDATE: the list was not relevant because of a feature of the attack (thanks Thomas). Apparently “only RapidSSL and FreeSSL are practically vulnerable”
UPDATE 2: VeriSign responds, no longer possible with RapidSSL. And they’ve been phasing MD5 out across the board.