Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2011-4858
Description:Apache Tomcat before 5.5.35, 6.x before 6.0.35, and 7.x before 7.0.23 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.
Test IDs: 1.3.6.1.4.1.25623.1.0.70718   1.3.6.1.4.1.25623.1.0.71338   1.3.6.1.4.1.25623.1.0.802378   1.3.6.1.4.1.25623.1.0.831618   1.3.6.1.4.1.25623.1.0.881065   1.3.6.1.4.1.25623.1.0.870714   1.3.6.1.4.1.25623.1.0.870585   1.3.6.1.4.1.25623.1.0.881140   1.3.6.1.4.1.25623.1.1.4.2012.0144.1  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2011-4858
BugTraq ID: 51200
http://www.securityfocus.com/bid/51200
CERT/CC vulnerability note: VU#903934
http://www.kb.cert.org/vuls/id/903934
Debian Security Information: DSA-2401 (Google Search)
http://www.debian.org/security/2012/dsa-2401
HPdes Security Advisory: HPSBMU02747
http://marc.info/?l=bugtraq&m=133294394108746&w=2
HPdes Security Advisory: HPSBUX02741
http://marc.info/?l=bugtraq&m=132871655717248&w=2
HPdes Security Advisory: HPSBUX02860
http://marc.info/?l=bugtraq&m=136485229118404&w=2
HPdes Security Advisory: SSRT100728
http://marc.info/?l=bugtraq&m=132871655717248&w=2
HPdes Security Advisory: SSRT100771
http://marc.info/?l=bugtraq&m=133294394108746&w=2
HPdes Security Advisory: SSRT101146
http://marc.info/?l=bugtraq&m=136485229118404&w=2
http://www.nruns.com/_downloads/advisory28122011.pdf
http://www.ocert.org/advisories/ocert-2011-003.html
https://github.com/FireFart/HashCollision-DOS-POC/blob/master/HashtablePOC.py
http://mail-archives.apache.org/mod_mbox/tomcat-announce/201112.mbox/%3c4EFB9800.5010106@apache.org%3e
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18886
RedHat Security Advisories: RHSA-2012:0074
http://rhn.redhat.com/errata/RHSA-2012-0074.html
RedHat Security Advisories: RHSA-2012:0075
http://rhn.redhat.com/errata/RHSA-2012-0075.html
RedHat Security Advisories: RHSA-2012:0076
http://rhn.redhat.com/errata/RHSA-2012-0076.html
RedHat Security Advisories: RHSA-2012:0077
http://rhn.redhat.com/errata/RHSA-2012-0077.html
RedHat Security Advisories: RHSA-2012:0078
http://rhn.redhat.com/errata/RHSA-2012-0078.html
RedHat Security Advisories: RHSA-2012:0089
http://rhn.redhat.com/errata/RHSA-2012-0089.html
RedHat Security Advisories: RHSA-2012:0325
http://rhn.redhat.com/errata/RHSA-2012-0325.html
RedHat Security Advisories: RHSA-2012:0406
http://rhn.redhat.com/errata/RHSA-2012-0406.html
http://secunia.com/advisories/48549
http://secunia.com/advisories/48790
http://secunia.com/advisories/48791
http://secunia.com/advisories/54971
http://secunia.com/advisories/55115




© 1998-2021 E-Soft Inc. All rights reserved.