Executive Summary
Summary | |
---|---|
Title | HP OpenView Network Node Manager (OV NNM) Running Apache Tomcat, Remote Denial of Service (DoS) |
Informations | |||
---|---|---|---|
Name | HPSBMU02747 SSRT100771 | First vendor Publication | 2012-03-27 |
Vendor | HP | Last vendor Modification | 2012-03-27 |
Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P) | |||
---|---|---|---|
Cvss Base Score | 5 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM) running Apache Tomcat. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS). |
Original Source
Url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03231290 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-399 | Resource Management Errors |
50 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:15018 | |||
Oval ID: | oval:org.mitre.oval:def:15018 | ||
Title: | USN-1359-1 -- Tomcat vulnerabilities | ||
Description: | tomcat6: Servlet and JSP engine Tomcat could be made to crash or expose sensitive information if it received specially crafted network traffic. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1359-1 CVE-2011-3375 CVE-2011-4858 CVE-2012-0022 | Version: | 5 |
Platform(s): | Ubuntu 11.04 Ubuntu 11.10 Ubuntu 10.04 Ubuntu 10.10 | Product(s): | Tomcat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:15309 | |||
Oval ID: | oval:org.mitre.oval:def:15309 | ||
Title: | DSA-2401-1 tomcat6 -- several | ||
Description: | Several vulnerabilities have been found in Tomcat, a servlet and JSP engine: CVE-2011-1184 CVE-2011-5062 CVE-2011-5063 CVE-2011-5064 The HTTP Digest Access Authentication implementation performed insufficient countermeasures against replay attacks. CVE-2011-2204 In rare setups passwords were written into a logfile. CVE-2011-2526 Missing input sanisiting in the HTTP APR or HTTP NIO connectors could lead to denial of service. CVE-2011-3190 AJP requests could be spoofed in some setups. CVE-2011-3375 Incorrect request caching could lead to information disclosure. CVE-2011-4858 CVE-2012-0022 This update adds countermeasures against a collision denial of service vulnerability in the Java hashtable implementation and addresses denial of service potentials when processing large amounts of requests | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2401-1 CVE-2011-1184 CVE-2011-2204 CVE-2011-2526 CVE-2011-3190 CVE-2011-3375 CVE-2011-4858 CVE-2011-5062 CVE-2011-5063 CVE-2011-5064 CVE-2012-0022 | Version: | 5 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | tomcat6 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:16925 | |||
Oval ID: | oval:org.mitre.oval:def:16925 | ||
Title: | Vulnerability in the Management Pack for Oracle GoldenGate Server. Supported versions that are affected are 11.1.1.1.0. Vulnerability in the Oracle GoldenGate Veridata component of Oracle Fusion Middleware (subcomponent: Server). The supported version that is affected is 3.0.0.11.0. Easily exploitable vulnerability allows successful unauthenticated network attacks via HTTP. Successful attack of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle GoldenGate Veridata | ||
Description: | Apache Tomcat 5.5.x before 5.5.35, 6.x before 6.0.34, and 7.x before 7.0.23 uses an inefficient approach for handling parameters, which allows remote attackers to cause a denial of service (CPU consumption) via a request that contains many parameters and parameter values, a different vulnerability than CVE-2011-4858. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-0022 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Oracle GoldenGate Director Oracle GoldenGate Veridata |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:18886 | |||
Oval ID: | oval:org.mitre.oval:def:18886 | ||
Title: | HP-UX Apache Running Tomcat Servlet Engine, Remote Denial of Service (DoS), Access Restriction Bypass, Unauthorized Modification and Other Vulnerabilities | ||
Description: | Apache Tomcat before 5.5.35, 6.x before 6.0.35, and 7.x before 7.0.23 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2011-4858 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:18934 | |||
Oval ID: | oval:org.mitre.oval:def:18934 | ||
Title: | HP-UX Apache Running Tomcat Servlet Engine, Remote Denial of Service (DoS), Access Restriction Bypass, Unauthorized Modification and Other Vulnerabilities | ||
Description: | Apache Tomcat 5.5.x before 5.5.35, 6.x before 6.0.34, and 7.x before 7.0.23 uses an inefficient approach for handling parameters, which allows remote attackers to cause a denial of service (CPU consumption) via a request that contains many parameters and parameter values, a different vulnerability than CVE-2011-4858. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2012-0022 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:20494 | |||
Oval ID: | oval:org.mitre.oval:def:20494 | ||
Title: | VMware vCenter Server, Orchestrator, Update Manager, vShield, vSphere Client, Workstation, Player, ESXi and ESX address several security issues | ||
Description: | Apache Tomcat 5.5.x before 5.5.35, 6.x before 6.0.34, and 7.x before 7.0.23 uses an inefficient approach for handling parameters, which allows remote attackers to cause a denial of service (CPU consumption) via a request that contains many parameters and parameter values, a different vulnerability than CVE-2011-4858. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2012-0022 | Version: | 5 |
Platform(s): | VMWare ESX Server 4.0 VMWare ESX Server 4.1 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21312 | |||
Oval ID: | oval:org.mitre.oval:def:21312 | ||
Title: | RHSA-2012:0475: tomcat6 security update (Moderate) | ||
Description: | Apache Tomcat 5.5.x before 5.5.35, 6.x before 6.0.34, and 7.x before 7.0.23 uses an inefficient approach for handling parameters, which allows remote attackers to cause a denial of service (CPU consumption) via a request that contains many parameters and parameter values, a different vulnerability than CVE-2011-4858. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:0475-03 CESA-2012:0475 CVE-2011-4858 CVE-2012-0022 | Version: | 29 |
Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | tomcat6 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23745 | |||
Oval ID: | oval:org.mitre.oval:def:23745 | ||
Title: | ELSA-2012:0475: tomcat6 security update (Moderate) | ||
Description: | Apache Tomcat 5.5.x before 5.5.35, 6.x before 6.0.34, and 7.x before 7.0.23 uses an inefficient approach for handling parameters, which allows remote attackers to cause a denial of service (CPU consumption) via a request that contains many parameters and parameter values, a different vulnerability than CVE-2011-4858. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:0475-03 CVE-2011-4858 CVE-2012-0022 | Version: | 13 |
Platform(s): | Oracle Linux 6 | Product(s): | tomcat6 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:25819 | |||
Oval ID: | oval:org.mitre.oval:def:25819 | ||
Title: | SUSE-SU-2013:1374-1 -- Security update for tomcat6 | ||
Description: | This update of tomcat6 fixes: * apache-tomcat-CVE-2012-3544.patch (bnc#831119) * use chown --no-dereference to prevent symlink attacks on log (bnc#822177#c7/prevents CVE-2013-1976) * Fix tomcat init scripts generating malformed classpath ( http://youtrack.jetbrains.com/issue/JT-18545 <http://youtrack.jetbrains.com/issue/JT-18545> ) bnc#804992 (patch from m407) * fix a typo in initscript (bnc#768772 ) * copy all shell scripts (bnc#818948) | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2013:1374-1 CVE-2012-3544 CVE-2013-1976 CVE-2012-0022 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 11 | Product(s): | tomcat6 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27374 | |||
Oval ID: | oval:org.mitre.oval:def:27374 | ||
Title: | DEPRECATED: ELSA-2012-0475 -- tomcat6 security update (moderate) | ||
Description: | [0:6.0.24-36] - Resolves: CVE-2012-0022 regression. Changes made to patch file. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-0475 CVE-2011-4858 CVE-2012-0022 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | tomcat6 |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
ExploitDB Exploits
id | Description |
---|---|
2012-01-03 | PHP Hash Table Collision Proof Of Concept |
OpenVAS Exploits
Date | Description |
---|---|
2012-08-10 | Name : Gentoo Security Advisory GLSA 201206-24 (apache tomcat) File : nvt/glsa_201206_24.nasl |
2012-08-03 | Name : Mandriva Update for tomcat5 MDVSA-2012:085 (tomcat5) File : nvt/gb_mandriva_MDVSA_2012_085.nasl |
2012-07-30 | Name : CentOS Update for tomcat5 CESA-2012:0474 centos5 File : nvt/gb_CESA-2012_0474_tomcat5_centos5.nasl |
2012-07-30 | Name : CentOS Update for tomcat6 CESA-2012:0475 centos6 File : nvt/gb_CESA-2012_0475_tomcat6_centos6.nasl |
2012-07-09 | Name : RedHat Update for tomcat6 RHSA-2012:0475-01 File : nvt/gb_RHSA-2012_0475-01_tomcat6.nasl |
2012-04-13 | Name : RedHat Update for tomcat5 RHSA-2012:0474-01 File : nvt/gb_RHSA-2012_0474-01_tomcat5.nasl |
2012-03-16 | Name : VMSA-2012-0005 VMware vCenter Server, Orchestrator, Update Manager, vShield, ... File : nvt/gb_VMSA-2012-0005.nasl |
2012-02-21 | Name : Ubuntu Update for tomcat6 USN-1359-1 File : nvt/gb_ubuntu_USN_1359_1.nasl |
2012-02-12 | Name : Debian Security Advisory DSA 2401-1 (tomcat6) File : nvt/deb_2401_1.nasl |
2012-02-12 | Name : FreeBSD Ports: tomcat File : nvt/freebsd_tomcat0.nasl |
2012-01-20 | Name : Apache Tomcat Parameter Handling Denial of Service Vulnerability (Win) File : nvt/gb_apache_tomcat_parameter_handling_dos_vuln_win.nasl |
2012-01-12 | Name : Apache Tomcat Hash Collision Denial Of Service Vulnerability File : nvt/gb_apache_tomcat_hash_collision_dos_vuln_win.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
78573 | Apache Tomcat CPU Consumption Parameter Saturation Remote DoS |
78483 | Hitachi Cosminexus Multiple Product Hash Collission Form Parameter Parsing Re... Multiple Hitachi Cosminexus products contain a flaw that may allow a remote denial of service. The issue is triggered when an attacker sends multiple crafted parameters which trigger hash collisions, and will result in loss of availability for the program via CPU consumption. |
78113 | Apache Tomcat Hash Collission Form Parameter Parsing Remote DoS Apache Tomcat contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker sends multiple crafted parameters which trigger hash collisions, and will result in loss of availability for the program via CPU consumption. |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2013-11-21 | IAVM : 2013-A-0219 - Multiple Vulnerabilities in Juniper Networks and Security Manager Severity : Category I - VMSKEY : V0042384 |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2016-03-03 | Name : The remote VMware ESXi / ESX host is missing a security-related patch. File : vmware_VMSA-2012-0005_remote.nasl - Type : ACT_GATHER_INFO |
2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_tomcat_20120405.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0682.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0680.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_tomcat6-120109.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_tomcat6-120109.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-129.nasl - Type : ACT_GATHER_INFO |
2013-11-21 | Name : The remote host is affected by multiple vulnerabilities. File : juniper_nsm_2012_2_r5.nasl - Type : ACT_GATHER_INFO |
2013-08-23 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_tomcat6-130802.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0474.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0475.nasl - Type : ACT_GATHER_INFO |
2013-06-05 | Name : The remote host has a virtualization management application installed that is... File : vmware_vcenter_vmsa-2012-0005.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0074.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120411_tomcat5_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120411_tomcat6_on_SL6.nasl - Type : ACT_GATHER_INFO |
2012-06-25 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201206-24.nasl - Type : ACT_GATHER_INFO |
2012-05-31 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-085.nasl - Type : ACT_GATHER_INFO |
2012-04-16 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0475.nasl - Type : ACT_GATHER_INFO |
2012-04-12 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0474.nasl - Type : ACT_GATHER_INFO |
2012-04-12 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0474.nasl - Type : ACT_GATHER_INFO |
2012-04-12 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0475.nasl - Type : ACT_GATHER_INFO |
2012-03-16 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2012-0005.nasl - Type : ACT_GATHER_INFO |
2012-02-14 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1359-1.nasl - Type : ACT_GATHER_INFO |
2012-02-06 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_tomcat5-7933.nasl - Type : ACT_GATHER_INFO |
2012-02-03 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2401.nasl - Type : ACT_GATHER_INFO |
2012-01-23 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_7f5ccb1d439b11e1bc160023ae8e59f0.nasl - Type : ACT_GATHER_INFO |
2012-01-13 | Name : The remote web server is affected by a denial of service vulnerability. File : tomcat_7_0_23.nasl - Type : ACT_GATHER_INFO |
2012-01-13 | Name : The remote web server is affected by a denial of service vulnerability File : tomcat_5_5_35.nasl - Type : ACT_GATHER_INFO |
2011-12-12 | Name : The remote web server is affected by multiple vulnerabilities. File : tomcat_6_0_35.nasl - Type : ACT_GATHER_INFO |