CVE-2011-5035

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Oracle Glassfish 2.1.1, 3.0.1, and 3.1.1, as used in Communications Server 2.0, Sun Java System Application Server 8.1 and 8.2, and possibly other products, computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters, aka Oracle security ticket S0104869.

References

http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html

http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00010.html

http://marc.info/?l=bugtraq&m=133364885411663&w=2

http://marc.info/?l=bugtraq&m=133847939902305&w=2

http://marc.info/?l=bugtraq&m=134254866602253&w=2

http://marc.info/?l=bugtraq&m=134254957702612&w=2

http://marc.info/?l=bugtraq&m=139344343412337&w=2

http://rhn.redhat.com/errata/RHSA-2012-0514.html

http://rhn.redhat.com/errata/RHSA-2013-1455.html

http://secunia.com/advisories/48073

http://secunia.com/advisories/48074

http://secunia.com/advisories/48589

http://secunia.com/advisories/48950

http://secunia.com/advisories/57126

http://security.gentoo.org/glsa/glsa-201406-32.xml

http://www.debian.org/security/2012/dsa-2420

http://www.kb.cert.org/vuls/id/903934

http://www.mandriva.com/security/advisories?name=MDVSA-2013:150

http://www.nruns.com/_downloads/advisory28122011.pdf

http://www.ocert.org/advisories/ocert-2011-003.html

http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html

http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html

http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html

https://github.com/FireFart/HashCollision-DOS-POC/blob/master/HashtablePOC.py

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16908

Details

Source: MITRE

Published: 2011-12-30

Updated: 2018-01-06

Type: CWE-20

Risk Information

CVSS v2

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

Tenable Plugins

View all (44 total)

IDNameProductFamilySeverity
107968Solaris 10 (x86) : 128641-30NessusSolaris Local Security Checks
medium
107913Solaris 10 (x86) : 124673-20NessusSolaris Local Security Checks
medium
107469Solaris 10 (sparc) : 128640-30NessusSolaris Local Security Checks
medium
107410Solaris 10 (sparc) : 124672-20NessusSolaris Local Security Checks
medium
78975RHEL 5 / 6 : IBM Java Runtime in Satellite Server (RHSA-2013:1455) (BEAST) (ROBOT)NessusRed Hat Local Security Checks
critical
76683Oracle JRockit R27 < R27.7.2.5 / R28 < R28.2.3.13 Multiple Vulnerabilities (April 2012 CPU)NessusWindows
critical
76303GLSA-201406-32 : IcedTea JDK: Multiple vulnerabilities (BEAST) (ROBOT)NessusGentoo Local Security Checks
critical
75871openSUSE Security Update : java-1_6_0-openjdk (openSUSE-SU-2012:0309-1)NessusSuSE Local Security Checks
critical
74558openSUSE Security Update : java-1_6_0-openjdk (openSUSE-2012-136)NessusSuSE Local Security Checks
critical
72139GLSA-201401-30 : Oracle JRE/JDK: Multiple vulnerabilities (ROBOT)NessusGentoo Local Security Checks
critical
8005Oracle GlassFish Server <= 3.1.1 Multiple Denial-of-Service VulnerabilitiesNessus Network MonitorWeb Servers
medium
69650Amazon Linux AMI : java-1.6.0-openjdk (ALAS-2012-43)NessusAmazon Linux Local Security Checks
critical
68487Oracle Linux 5 : java-1.6.0-openjdk (ELSA-2012-0322)NessusOracle Linux Local Security Checks
critical
68459Oracle Linux 6 : java-1.6.0-openjdk (ELSA-2012-0135)NessusOracle Linux Local Security Checks
critical
66806VMware vCenter Multiple Vulnerabilities (VMSA-2012-0013)NessusMisc.
critical
64847Oracle Java SE Multiple Vulnerabilities (February 2012 CPU) (Unix)NessusMisc.
critical
64164SuSE 11.1 Security Update : IBM Java 1.6.0 (SAT Patch Number 6225)NessusSuSE Local Security Checks
critical
61264Scientific Linux Security Update : java-1.6.0-openjdk on SL5.x i386/x86_64 (20120221)NessusScientific Linux Local Security Checks
critical
61252Scientific Linux Security Update : java-1.6.0-sun on SL4.x, SL5.x i386/x86_64 (20120216)NessusScientific Linux Local Security Checks
critical
61248Scientific Linux Security Update : java-1.6.0-openjdk on SL6.x i386/x86_64 (20120214)NessusScientific Linux Local Security Checks
critical
59065SuSE 10 Security Update : IBM Java 1.6.0 (ZYPP Patch Number 8094)NessusSuSE Local Security Checks
critical
58866RHEL 5 / 6 : java-1.6.0-ibm (RHSA-2012:0514)NessusRed Hat Local Security Checks
critical
58606Mac OS X : Java for OS X Lion 2012-001NessusMacOS X Local Security Checks
critical
58605Mac OS X : Java for Mac OS X 10.6 Update 7NessusMacOS X Local Security Checks
critical
58179Ubuntu 10.04 LTS / 10.10 / 11.04 : openjdk-6b18 vulnerabilities (USN-1373-2)NessusUbuntu Local Security Checks
critical
58148Debian DSA-2420-1 : openjdk-6 - several vulnerabilitiesNessusDebian Local Security Checks
critical
58141SuSE 11.1 Security Update : Java 1.6.0 (SAT Patch Number 5845)NessusSuSE Local Security Checks
critical
58130Ubuntu 10.04 LTS / 10.10 / 11.04 / 11.10 : openjdk-6 vulnerabilities (USN-1373-1)NessusUbuntu Local Security Checks
critical
58090Oracle GlassFish Server 2.1.1 < 2.1.1.15 / 3.0.1 < 3.0.1.5 / 3.1.1 < 3.1.1.2 Hash Collision DoSNessusWeb Servers
medium
58084RHEL 5 : java-1.6.0-openjdk (RHSA-2012:0322)NessusRed Hat Local Security Checks
critical
58026Mandriva Linux Security Advisory : java-1.6.0-openjdk (MDVSA-2012:021)NessusMandriva Local Security Checks
critical
57991RHEL 4 / 5 / 6 : java-1.6.0-sun (RHSA-2012:0139)NessusRed Hat Local Security Checks
critical
57961CentOS 6 : java-1.6.0-openjdk (CESA-2012:0135)NessusCentOS Local Security Checks
critical
57959Oracle Java SE Multiple Vulnerabilities (February 2012 CPU)NessusWindows
critical
57956RHEL 6 : java-1.6.0-openjdk (RHSA-2012:0135)NessusRed Hat Local Security Checks
critical
35421Solaris 9 (x86) : 128641-30NessusSolaris Local Security Checks
medium
35419Solaris 9 (sparc) : 128640-30NessusSolaris Local Security Checks
medium
35415Solaris 10 (x86) : 128641-30 (deprecated)NessusSolaris Local Security Checks
medium
35409Solaris 10 (sparc) : 128640-30 (deprecated)NessusSolaris Local Security Checks
medium
27509Solaris 8 (sparc) : 124672-20NessusSolaris Local Security Checks
medium
27099Solaris 9 (x86) : 124673-20NessusSolaris Local Security Checks
medium
27092Solaris 9 (sparc) : 124672-20NessusSolaris Local Security Checks
medium
27077Solaris 10 (x86) : 124673-20 (deprecated)NessusSolaris Local Security Checks
medium
27072Solaris 10 (sparc) : 124672-20 (deprecated)NessusSolaris Local Security Checks
medium