5 - CVE-2011-5035

Executive Summary

Informations
Name	CVE-2011-5035	First vendor Publication	2011-12-29
Vendor	Cve	Last vendor Modification	2018-01-06

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Cvss Base Score	5	Attack Range	Network
Cvss Impact Score	2.9	Attack Complexity	Low
Cvss Expoit Score	10	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Oracle Glassfish 2.1.1, 3.0.1, and 3.1.1, as used in Communications Server 2.0, Sun Java System Application Server 8.1 and 8.2, and possibly other products, computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters, aka Oracle security ticket S0104869.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5035

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-20	Improper Input Validation

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:16908

Oval ID:	oval:org.mitre.oval:def:16908
Title:	Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Container). Supported versions that are affected are 9.2.4, 10.0.2, 10.3.5, 10.3.6 and 12.1.1. Easily exploitable vulnerability allows successful unauthenticated network attacks via HTTP. Successful attack of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle WebLogic Server
Description:	Oracle Glassfish 2.1.1, 3.0.1, and 3.1.1, as used in Communications Server 2.0, Sun Java System Application Server 8.1 and 8.2, and possibly other products, computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters, aka Oracle security ticket S0104869.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2011-5035	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Oracle WebLogic Server
Definition Synopsis:
Oracle WebLogic Server is installed Check if the version of Oracle WebLogic Server is 9.2.4, 10.0.2, 10.3.5.0, 10.3.6, 12.1.1 Check if the version of Oracle WebLogic Server is 9.2.4 AND Check if the version of Oracle WebLogic Server is 10.0.2 AND Check if the version of Oracle WebLogic Server is 10.3.5.0 AND Check if the version of Oracle WebLogic Server is 10.3.6 AND Check if the version of Oracle WebLogic Server is 12.1.1

Definition Id: oval:org.mitre.oval:def:19408

Oval ID:	oval:org.mitre.oval:def:19408
Title:	HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description:	Oracle Glassfish 2.1.1, 3.0.1, and 3.1.1, as used in Communications Server 2.0, Sun Java System Application Server 8.1 and 8.2, and possibly other products, computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters, aka Oracle security ticket S0104869.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2011-5035	Version:	10
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
platforms HP Release B.11.23 AND HP-UX B.11.31 AND filesets test Jdk70.JDK70-COM version is less than 1.7.0.01.00 AND Jdk70.JDK70-DEMO version is less than 1.7.0.01.00 AND Jdk70.JDK70-IPF32 version is less than 1.7.0.01.00 AND Jdk70.JDK70-IPF64 version is less than 1.7.0.01.00 AND Jre70.JRE70-COM version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF32 version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF32-HS version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF64 version is less than 1.7.0.01.00 AND Jre70.JRE70-IPF64-HS version is less than 1.7.0.01.00

CPE : Common Platform Enumeration

Type	Description	Count
Application	Oracle Glassfish Server cpe:2.3:a:oracle:glassfish_server:3.1.1:::::::* cpe:2.3:a:oracle:glassfish_server:3.0.1:::::::* cpe:2.3:a:oracle:glassfish_server:3.0.1::::open_source::: cpe:2.3:a:oracle:glassfish_server:3.0:::::::* cpe:2.3:a:oracle:glassfish_server:2.1.1:::::::* cpe:2.3:a:oracle:glassfish_server:2.1:::::::* cpe:2.3:a:oracle:glassfish_server:2.0:::::::* cpe:2.3:a:oracle:glassfish_server:1.0:ur1_po1:::::: cpe:2.3:a:oracle:glassfish_server:1.0:::::::* cpe:2.3:a:oracle:glassfish_server:1.0:ur1::::::	10

ExploitDB Exploits

id	Description
2012-01-03	PHP Hash Table Collision Proof Of Concept

OpenVAS Exploits

Date	Description
2012-12-04	Name : Oracle Java SE Hash Collision DoS Vulnerability (Windows) File : nvt/gb_oracle_java_se_hash_collision_dos_vuln_win.nasl
2012-10-19	Name : Fedora Update for java-1.7.0-openjdk FEDORA-2012-16351 File : nvt/gb_fedora_2012_16351_java-1.7.0-openjdk_fc16.nasl
2012-10-19	Name : Fedora Update for java-1.6.0-openjdk FEDORA-2012-16351 File : nvt/gb_fedora_2012_16351_java-1.6.0-openjdk_fc16.nasl
2012-09-22	Name : Fedora Update for java-1.6.0-openjdk FEDORA-2012-13127 File : nvt/gb_fedora_2012_13127_java-1.6.0-openjdk_fc16.nasl
2012-09-04	Name : Fedora Update for java-1.7.0-openjdk FEDORA-2012-13138 File : nvt/gb_fedora_2012_13138_java-1.7.0-openjdk_fc16.nasl
2012-08-30	Name : Fedora Update for java-1.7.0-openjdk FEDORA-2012-2595 File : nvt/gb_fedora_2012_2595_java-1.7.0-openjdk_fc17.nasl
2012-08-02	Name : SuSE Update for java-1_6_0-openjdk openSUSE-SU-2012:0309-1 (java-1_6_0-openjdk) File : nvt/gb_suse_2012_0309_1.nasl
2012-07-30	Name : CentOS Update for java CESA-2012:0135 centos6 File : nvt/gb_CESA-2012_0135_java_centos6.nasl
2012-07-09	Name : RedHat Update for java-1.6.0-openjdk RHSA-2012:0135-01 File : nvt/gb_RHSA-2012_0135-01_java-1.6.0-openjdk.nasl
2012-06-19	Name : Fedora Update for java-1.6.0-openjdk FEDORA-2012-9545 File : nvt/gb_fedora_2012_9545_java-1.6.0-openjdk_fc16.nasl
2012-06-19	Name : Fedora Update for java-1.7.0-openjdk FEDORA-2012-9593 File : nvt/gb_fedora_2012_9593_java-1.7.0-openjdk_fc16.nasl
2012-04-09	Name : Java Runtime Environment Multiple Vulnerabilities (MAC OS X) File : nvt/gb_jre_mult_vuln_macosx.nasl
2012-04-02	Name : Fedora Update for java-1.7.0-openjdk FEDORA-2012-1690 File : nvt/gb_fedora_2012_1690_java-1.7.0-openjdk_fc16.nasl
2012-04-02	Name : Fedora Update for java-1.6.0-openjdk FEDORA-2012-1711 File : nvt/gb_fedora_2012_1711_java-1.6.0-openjdk_fc16.nasl
2012-03-12	Name : Debian Security Advisory DSA 2420-1 (openjdk-6) File : nvt/deb_2420_1.nasl
2012-03-09	Name : Fedora Update for java-1.6.0-openjdk FEDORA-2012-1721 File : nvt/gb_fedora_2012_1721_java-1.6.0-openjdk_fc15.nasl
2012-03-09	Name : Ubuntu Update for openjdk-6 USN-1373-1 File : nvt/gb_ubuntu_USN_1373_1.nasl
2012-03-07	Name : Ubuntu Update for openjdk-6b18 USN-1373-2 File : nvt/gb_ubuntu_USN_1373_2.nasl
2012-02-27	Name : RedHat Update for java-1.6.0-openjdk RHSA-2012:0322-01 File : nvt/gb_RHSA-2012_0322-01_java-1.6.0-openjdk.nasl
2012-02-21	Name : Mandriva Update for java-1.6.0-openjdk MDVSA-2012:021 (java-1.6.0-openjdk) File : nvt/gb_mandriva_MDVSA_2012_021.nasl
2012-01-12	Name : Apache Tomcat Hash Collision Denial Of Service Vulnerability File : nvt/gb_apache_tomcat_hash_collision_dos_vuln_win.nasl
2012-01-05	Name : Oracle GlassFish Server Hash Collision Denial of Service Vulnerability File : nvt/gb_glassfish_hash_collision_dos_vuln.nasl
2012-01-03	Name : PHP Web Form Hash Collision Denial of Service Vulnerability (Win) File : nvt/gb_php_web_form_hash_collision_dos_vuln_win.nasl
2011-12-30	Name : Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (2638420) File : nvt/secpod_ms11-100.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
78114	Oracle GlassFish Server Hash Collission Form Parameter Parsing Remote DoS Oracle GlassFish Server contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker sends multiple crafted parameters which trigger hash collisions, and will result in loss of availability for the program via CPU consumption.

Information Assurance Vulnerability Management (IAVM)

Date	Description
2012-09-13	IAVM : 2012-A-0147 - Multiple Vulnerabilities in VMware vCenter Server 4.1 Severity : Category I - VMSKEY : V0033793
2012-09-13	IAVM : 2012-A-0148 - Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1 Severity : Category I - VMSKEY : V0033794

Nessus® Vulnerability Scanner

Date	Description
2014-11-08	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1455.nasl - Type : ACT_GATHER_INFO
2014-07-22	Name : The remote Windows host contains a programming platform that is affected by m... File : oracle_jrockit_cpu_apr_2012.nasl - Type : ACT_GATHER_INFO
2014-06-30	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201406-32.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : suse_11_4_java-1_6_0-openjdk-120222.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-136.nasl - Type : ACT_GATHER_INFO
2014-01-27	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201401-30.nasl - Type : ACT_GATHER_INFO
2013-09-04	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-43.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0322.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0135.nasl - Type : ACT_GATHER_INFO
2013-06-05	Name : The remote host has a virtualization management application installed that is... File : vmware_vcenter_vmsa-2012-0013.nasl - Type : ACT_GATHER_INFO
2013-02-22	Name : The remote Unix host contains a programming platform that is affected by mult... File : oracle_java_cpu_feb_2012_unix.nasl - Type : ACT_GATHER_INFO
2013-01-25	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-ibm-120427.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120221_java_1_6_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120216_java_1_6_0_sun_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120214_java_1_6_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-07-17	Name : The remote device has a denial of service vulnerability. File : juniper_psn-2012-07-650.nasl - Type : ACT_GATHER_INFO
2012-04-25	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0514.nasl - Type : ACT_GATHER_INFO
2012-04-05	Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_10_7_2012-001.nasl - Type : ACT_GATHER_INFO
2012-04-05	Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_10_6_update7.nasl - Type : ACT_GATHER_INFO
2012-03-19	Name : A web-based application running on the remote Windows host is affected by a d... File : coldfusion_win_apsb12-06.nasl - Type : ACT_GATHER_INFO
2012-03-01	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1373-2.nasl - Type : ACT_GATHER_INFO
2012-02-29	Name : The remote Fedora host is missing a security update. File : fedora_2012-2595.nasl - Type : ACT_GATHER_INFO
2012-02-29	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2420.nasl - Type : ACT_GATHER_INFO
2012-02-28	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-openjdk-120220.nasl - Type : ACT_GATHER_INFO
2012-02-27	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1373-1.nasl - Type : ACT_GATHER_INFO
2012-02-22	Name : The remote web server is affected by a denial of service vulnerability. File : glassfish_cve-2011-5035.nasl - Type : ACT_GATHER_INFO
2012-02-22	Name : The remote Fedora host is missing a security update. File : fedora_2012-1721.nasl - Type : ACT_GATHER_INFO
2012-02-22	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0322.nasl - Type : ACT_GATHER_INFO
2012-02-20	Name : The remote Fedora host is missing a security update. File : fedora_2012-1711.nasl - Type : ACT_GATHER_INFO
2012-02-20	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-021.nasl - Type : ACT_GATHER_INFO
2012-02-17	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0139.nasl - Type : ACT_GATHER_INFO
2012-02-16	Name : The remote Fedora host is missing a security update. File : fedora_2012-1690.nasl - Type : ACT_GATHER_INFO
2012-02-16	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0135.nasl - Type : ACT_GATHER_INFO
2012-02-15	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0135.nasl - Type : ACT_GATHER_INFO
2012-02-15	Name : The remote Windows host contains a programming platform that is affected by m... File : oracle_java_cpu_feb_2012.nasl - Type : ACT_GATHER_INFO
2012-01-13	Name : The remote web server is affected by a denial of service vulnerability File : tomcat_5_5_35.nasl - Type : ACT_GATHER_INFO
2012-01-13	Name : The remote web server is affected by a denial of service vulnerability. File : tomcat_7_0_23.nasl - Type : ACT_GATHER_INFO
2011-12-29	Name : The version of ASP.NET Framework installed on the remote host is affected by ... File : smb_nt_ms11-100.nasl - Type : ACT_GATHER_INFO
2011-12-12	Name : The remote web server is affected by multiple vulnerabilities. File : tomcat_6_0_35.nasl - Type : ACT_GATHER_INFO
2009-01-19	Name : The remote host is missing Sun Security Patch number 128641-30 File : solaris9_x86_128641.nasl - Type : ACT_GATHER_INFO
2009-01-19	Name : The remote host is missing Sun Security Patch number 128640-30 File : solaris9_128640.nasl - Type : ACT_GATHER_INFO
2009-01-19	Name : The remote host is missing Sun Security Patch number 128641-30 File : solaris10_x86_128641.nasl - Type : ACT_GATHER_INFO
2009-01-19	Name : The remote host is missing Sun Security Patch number 128640-30 File : solaris10_128640.nasl - Type : ACT_GATHER_INFO
2007-10-18	Name : The remote host is missing Sun Security Patch number 124672-20 File : solaris8_124672.nasl - Type : ACT_GATHER_INFO
2007-10-17	Name : The remote host is missing Sun Security Patch number 124673-20 File : solaris9_x86_124673.nasl - Type : ACT_GATHER_INFO
2007-10-17	Name : The remote host is missing Sun Security Patch number 124672-20 File : solaris9_124672.nasl - Type : ACT_GATHER_INFO
2007-10-17	Name : The remote host is missing Sun Security Patch number 124673-20 File : solaris10_x86_124673.nasl - Type : ACT_GATHER_INFO
2007-10-17	Name : The remote host is missing Sun Security Patch number 124672-20 File : solaris10_124672.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source	Url
BUGTRAQ	http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html
CERT-VN	http://www.kb.cert.org/vuls/id/903934
CONFIRM	http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html
DEBIAN	http://www.debian.org/security/2012/dsa-2420
GENTOO	http://security.gentoo.org/glsa/glsa-201406-32.xml
HP	http://marc.info/?l=bugtraq&m=133364885411663&w=2 http://marc.info/?l=bugtraq&m=133847939902305&w=2 http://marc.info/?l=bugtraq&m=134254866602253&w=2 http://marc.info/?l=bugtraq&m=134254957702612&w=2 http://marc.info/?l=bugtraq&m=139344343412337&w=2
MANDRIVA	http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
MISC	http://www.nruns.com/_downloads/advisory28122011.pdf http://www.ocert.org/advisories/ocert-2011-003.html https://github.com/FireFart/HashCollision-DOS-POC/blob/master/HashtablePOC.py
OVAL	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova...
REDHAT	http://rhn.redhat.com/errata/RHSA-2012-0514.html http://rhn.redhat.com/errata/RHSA-2013-1455.html
SECUNIA	http://secunia.com/advisories/48073 http://secunia.com/advisories/48074 http://secunia.com/advisories/48589 http://secunia.com/advisories/48950 http://secunia.com/advisories/57126
SUSE	http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00010.html

Alert History

If you want to see full details history, please login or register.

Date	Informations
2021-05-05 01:09:37	Multiple Updates
2021-05-04 12:18:04	Multiple Updates
2021-04-22 01:21:21	Multiple Updates
2020-05-23 13:16:58	Multiple Updates
2020-05-23 01:47:43	Multiple Updates
2020-05-23 00:32:25	Multiple Updates
2019-03-19 12:04:45	Multiple Updates
2018-01-06 09:21:18	Multiple Updates
2018-01-05 09:23:09	Multiple Updates
2017-12-29 09:21:57	Multiple Updates
2017-12-22 09:21:05	Multiple Updates
2017-09-19 09:25:06	Multiple Updates
2017-07-22 12:02:04	Multiple Updates
2016-08-23 09:24:45	Multiple Updates
2016-04-26 21:19:37	Multiple Updates
2016-03-10 05:23:42	Multiple Updates
2016-03-10 00:44:24	Multiple Updates
2015-05-21 13:29:24	Multiple Updates
2014-11-08 13:29:56	Multiple Updates
2014-10-04 09:25:26	Multiple Updates
2014-07-23 13:24:40	Multiple Updates
2014-07-01 13:24:59	Multiple Updates
2014-06-14 13:32:03	Multiple Updates
2014-03-18 13:22:08	Multiple Updates
2014-03-08 13:21:51	Multiple Updates
2014-02-17 11:06:39	Multiple Updates
2014-02-07 13:19:54	Multiple Updates
2013-11-11 12:39:40	Multiple Updates
2013-11-04 21:21:58	Multiple Updates
2013-10-31 13:19:07	Multiple Updates
2013-10-11 13:23:13	Multiple Updates
2013-05-10 23:12:17	Multiple Updates
2013-02-15 13:20:13	Multiple Updates
2013-01-18 13:19:17	Multiple Updates

Global Informations

Type	Count
CWE ID(s)	1
Oval ID(s)	2
CPE ID(s)	10
Sources(s)	25
osvdb(s)	1
ExploitDB Exploit(s)	1
Openvas Exploit(s)	24
IAVM(s)	2
Nessus® Exploit(s)	48

	Related
10	USN-1373-2
10	USN-1373-1
10	RHSA-2012:0514
10	RHSA-2012:0322
10	RHSA-2012:0139
10	RHSA-2012:0135
10	MDVSA-2013:150
10	MDVSA-2012:021
10	HPSBUX02784 SSR...
10	HPSBUX02757 SSR...
10	HPSBMU02799 SSR...
10	HPSBMU02797 SSR...
10	GLSA-201406-32
10	GLSA-201401-30
10	DSA-2420
7.8	VU#903934
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 16 more Alert(s)