CVE-2011-4858
First published: Thu Jan 05 2012(Updated: )
Apache Tomcat before 5.5.35, 6.x before 6.0.35, and 7.x before 7.0.23 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Tomcat | =6.0.33 | |
| Tomcat | =7.0.12 | |
| Tomcat | =6.0.6 | |
| Tomcat | =7.0.20 | |
| Tomcat | =6.0.11 | |
| Tomcat | =6.0.34 | |
| Tomcat | =7.0.8 | |
| Tomcat | =7.0.1 | |
| Tomcat | =7.0.2 | |
| Tomcat | =7.0.5 | |
| Tomcat | =6.0.22 | |
| Tomcat | =6.0.25 | |
| Tomcat | =6.0.7 | |
| Tomcat | =6.0.4 | |
| Tomcat | =7.0.22 | |
| Tomcat | =5.5.35 | |
| Tomcat | =6.0.15 | |
| Tomcat | =7.0.0 | |
| Tomcat | =7.0.6 | |
| Tomcat | =7.0.18 | |
| Tomcat | =6.0.20 | |
| Tomcat | =7.0.14 | |
| Tomcat | =6.0.21 | |
| Tomcat | =6.0.10 | |
| Tomcat | =6.0.31 | |
| Tomcat | =6.0.29 | |
| Tomcat | =7.0.11 | |
| Tomcat | =6.0.3 | |
| Tomcat | =6.0.9 | |
| Tomcat | =6.0.24 | |
| Tomcat | =6.0.23 | |
| Tomcat | =6.0.17 | |
| Tomcat | =7.0.7 | |
| Tomcat | =6.0.32 | |
| Tomcat | =6.0.28 | |
| Tomcat | =6.0.0 | |
| Tomcat | =7.0.13 | |
| Tomcat | =6.0.14 | |
| Tomcat | =7.0.15 | |
| Tomcat | =7.0.19 | |
| Tomcat | =7.0.16 | |
| Tomcat | =7.0.10 | |
| Tomcat | =6.0.1 | |
| Tomcat | =6.0.12 | |
| Tomcat | =6.0.18 | |
| Tomcat | =6.0.5 | |
| Tomcat | =7.0.21 | |
| Tomcat | =7.0.17 | |
| Tomcat | =6.0.30 | |
| Tomcat | =6.0.2 | |
| Tomcat | =7.0.9 | |
| Tomcat | =6.0.13 | |
| Tomcat | =7.0.4 | |
| Tomcat | =7.0.3 | |
| Tomcat | =6.0.26 | |
| Tomcat | =6.0.19 | |
| Tomcat | =6.0.27 | |
| Tomcat | =6.0.16 | |
| Tomcat | =6.0.8 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://mail-archives.apache.org/mod_mbox/tomcat-announce/201112.mbox/%3c4EFB9800.5010106@apache.org%3e
- http://marc.info/?l=bugtraq&m=132871655717248&w=2
- http://marc.info/?l=bugtraq&m=133294394108746&w=2
- http://marc.info/?l=bugtraq&m=136485229118404&w=2
- http://rhn.redhat.com/errata/RHSA-2012-0074.html
- http://rhn.redhat.com/errata/RHSA-2012-0075.html
- http://rhn.redhat.com/errata/RHSA-2012-0076.html
- http://rhn.redhat.com/errata/RHSA-2012-0077.html
- http://rhn.redhat.com/errata/RHSA-2012-0078.html
- http://rhn.redhat.com/errata/RHSA-2012-0089.html
- http://rhn.redhat.com/errata/RHSA-2012-0325.html
- http://rhn.redhat.com/errata/RHSA-2012-0406.html
- http://secunia.com/advisories/48549
- http://secunia.com/advisories/48790
- http://secunia.com/advisories/48791
- http://secunia.com/advisories/54971
- http://secunia.com/advisories/55115
- http://tomcat.apache.org/tomcat-7.0-doc/changelog.html
- http://www.debian.org/security/2012/dsa-2401
- http://www.kb.cert.org/vuls/id/903934
- http://www.nruns.com/_downloads/advisory28122011.pdf
- http://www.ocert.org/advisories/ocert-2011-003.html
- http://www.securityfocus.com/bid/51200
- https://bugzilla.redhat.com/show_bug.cgi?id=750521
- https://github.com/FireFart/HashCollision-DOS-POC/blob/master/HashtablePOC.py
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18886
- http://mail-archives.apache.org/mod_mbox/tomcat-announce/201112.mbox/%3c4EFB9800.5010106%40apache.org%3e
Frequently Asked Questions
What is the severity of CVE-2011-4858?
CVE-2011-4858 is classified with a moderate severity level due to its potential to cause denial of service through CPU consumption.
How do I fix CVE-2011-4858?
To remediate CVE-2011-4858, you should upgrade to Apache Tomcat version 5.5.35, 6.0.35, or 7.0.23 or later.
What types of attacks can exploit CVE-2011-4858?
CVE-2011-4858 can be exploited through crafted form parameters designed to trigger predictable hash collisions.
Which versions of Apache Tomcat are affected by CVE-2011-4858?
CVE-2011-4858 affects Apache Tomcat versions prior to 5.5.35, 6.x prior to 6.0.35, and 7.x prior to 7.0.23.
What is the impact of CVE-2011-4858 on a web application?
The impact of CVE-2011-4858 is an increased CPU consumption leading to potential denial of service for the web application.
- agent/softwarecombine
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/author
- agent/last-modified-date
- agent/references
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/apache
- canonical/tomcat
- version/tomcat/6.0.33
- version/tomcat/7.0.12
- version/tomcat/6.0.6
- version/tomcat/7.0.20
- version/tomcat/6.0.11
- version/tomcat/6.0.34
- version/tomcat/7.0.8
- version/tomcat/7.0.1
- version/tomcat/7.0.2
- version/tomcat/7.0.5
- version/tomcat/6.0.22
- version/tomcat/6.0.25
- version/tomcat/6.0.7
- version/tomcat/6.0.4
- version/tomcat/7.0.22
- version/tomcat/5.5.35
- version/tomcat/6.0.15
- version/tomcat/7.0.0
- version/tomcat/7.0.6
- version/tomcat/7.0.18
- version/tomcat/6.0.20
- version/tomcat/7.0.14
- version/tomcat/6.0.21
- version/tomcat/6.0.10
- version/tomcat/6.0.31
- version/tomcat/6.0.29
- version/tomcat/7.0.11
- version/tomcat/6.0.3
- version/tomcat/6.0.9
- version/tomcat/6.0.24
- version/tomcat/6.0.23
- version/tomcat/6.0.17
- version/tomcat/7.0.7
- version/tomcat/6.0.32
- version/tomcat/6.0.28
- version/tomcat/6.0.0
- version/tomcat/7.0.13
- version/tomcat/6.0.14
- version/tomcat/7.0.15
- version/tomcat/7.0.19
- version/tomcat/7.0.16
- version/tomcat/7.0.10
- version/tomcat/6.0.1
- version/tomcat/6.0.12
- version/tomcat/6.0.18
- version/tomcat/6.0.5
- version/tomcat/7.0.21
- version/tomcat/7.0.17
- version/tomcat/6.0.30
- version/tomcat/6.0.2
- version/tomcat/7.0.9
- version/tomcat/6.0.13
- version/tomcat/7.0.4
- version/tomcat/7.0.3
- version/tomcat/6.0.26
- version/tomcat/6.0.19
- version/tomcat/6.0.27
- version/tomcat/6.0.16
- version/tomcat/6.0.8