CVE-2011-5035: Input Validation
First published: Fri Dec 30 2011(Updated: )
Oracle Glassfish 2.1.1, 3.0.1, and 3.1.1, as used in Communications Server 2.0, Sun Java System Application Server 8.1 and 8.2, and possibly other products, computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters, aka Oracle security ticket S0104869.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Oracle GlassFish Server | <=3.1.1 | |
| Oracle GlassFish Server | =2.1.1 | |
| Oracle GlassFish Server | =3.0.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html
- http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00010.html
- http://marc.info/?l=bugtraq&m=133364885411663&w=2
- http://marc.info/?l=bugtraq&m=133847939902305&w=2
- http://marc.info/?l=bugtraq&m=134254866602253&w=2
- http://marc.info/?l=bugtraq&m=134254957702612&w=2
- http://marc.info/?l=bugtraq&m=139344343412337&w=2
- http://rhn.redhat.com/errata/RHSA-2012-0514.html
- http://rhn.redhat.com/errata/RHSA-2013-1455.html
- http://secunia.com/advisories/48073
- http://secunia.com/advisories/48074
- http://secunia.com/advisories/48589
- http://secunia.com/advisories/48950
- http://secunia.com/advisories/57126
- http://security.gentoo.org/glsa/glsa-201406-32.xml
- http://www.debian.org/security/2012/dsa-2420
- http://www.kb.cert.org/vuls/id/903934
- http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
- http://www.nruns.com/_downloads/advisory28122011.pdf
- http://www.ocert.org/advisories/ocert-2011-003.html
- http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html
- http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html
- http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html
- https://github.com/FireFart/HashCollision-DOS-POC/blob/master/HashtablePOC.py
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16908
Frequently Asked Questions
What is the severity of CVE-2011-5035?
CVE-2011-5035 is classified as a high severity vulnerability due to its potential for allowing remote attackers to exploit hash collisions.
How do I fix CVE-2011-5035?
To mitigate CVE-2011-5035, you should upgrade to the latest version of Oracle GlassFish Server that is not affected, beyond version 3.1.1.
Which versions of Oracle GlassFish Server are affected by CVE-2011-5035?
CVE-2011-5035 affects Oracle GlassFish Server versions 2.1.1, 3.0.1, and 3.1.1.
Can CVE-2011-5035 be exploited remotely?
Yes, CVE-2011-5035 can be exploited remotely, allowing attackers to trigger predictable hash collisions.
What type of attack does CVE-2011-5035 facilitate?
CVE-2011-5035 facilitates collision-based attacks that can manipulate input parameters to execute malicious actions.
- collector/nvd-index
- collector/nvd-historical
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/weakness
- agent/author
- agent/references
- agent/softwarecombine
- agent/first-publish-date
- agent/event
- agent/description
- agent/tags
- agent/source
- vendor/oracle
- canonical/oracle glassfish server
- version/oracle glassfish server/3.1.1
- version/oracle glassfish server/2.1.1
- version/oracle glassfish server/3.0.1