CVE-2011-4858

Apache Tomcat < 5.5.35 - Resource Management Error

Title source: rule

Description

Apache Tomcat before 5.5.35, 6.x before 6.0.35, and 7.x before 7.0.23 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.

Exploits (1)

exploitdb WORKING POC

phpwebappsphp

https://www.exploit-db.com/exploits/2012

View Code ZIP pw:eip

References (26)

[Various Sources] http://mail-archives.apache.org/mod_mbox/tomcat-announce/201112.mbox/%3c4EFB9800.5010106%40apache.org%3e

[Various Sources] http://www.nruns.com/_downloads/advisory28122011.pdf

[Various Sources] http://www.ocert.org/advisories/ocert-2011-003.html

[Various Sources] https://github.com/FireFart/HashCollision-DOS-POC/blob/master/HashtablePOC.py

View Exploit ZIP pw:eip

[Mailing List] http://marc.info/?l=bugtraq&m=132871655717248&w=2

[Mailing List] http://marc.info/?l=bugtraq&m=133294394108746&w=2

[Mailing List] http://marc.info/?l=bugtraq&m=136485229118404&w=2

[Vendor Advisory] http://rhn.redhat.com/errata/RHSA-2012-0074.html

[Vendor Advisory] http://rhn.redhat.com/errata/RHSA-2012-0075.html

[Vendor Advisory] http://rhn.redhat.com/errata/RHSA-2012-0076.html

[Vendor Advisory] http://rhn.redhat.com/errata/RHSA-2012-0077.html

[Vendor Advisory] http://rhn.redhat.com/errata/RHSA-2012-0078.html

[Vendor Advisory] http://rhn.redhat.com/errata/RHSA-2012-0089.html

[Vendor Advisory] http://rhn.redhat.com/errata/RHSA-2012-0325.html

[Vendor Advisory] http://rhn.redhat.com/errata/RHSA-2012-0406.html

[Various Sources] http://tomcat.apache.org/tomcat-7.0-doc/changelog.html

[US Government Resource] http://www.kb.cert.org/vuls/id/903934

[Issue Tracking] https://bugzilla.redhat.com/show_bug.cgi?id=750521

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/51200

[Third Party Advisory] http://www.debian.org/security/2012/dsa-2401

... and 6 more

Scores

EPSS 0.7660

EPSS Percentile 99.0%

Details

CWE

CWE-399

Status published

Products (50)

apache/tomcat 5.5.35

apache/tomcat 6.0.0

apache/tomcat 6.0.1

apache/tomcat 6.0.2

apache/tomcat 6.0.3

apache/tomcat 6.0.4

apache/tomcat 6.0.5

apache/tomcat 6.0.6

apache/tomcat 6.0.7

apache/tomcat 6.0.8

... and 40 more

Published Jan 05, 2012

Tracked Since Feb 18, 2026