Search for vulnerabilities
Vulnerability details: VCID-upmn-zueg-aaaj
Vulnerability ID VCID-upmn-zueg-aaaj
Aliases CVE-2011-5035
Summary Oracle Glassfish 2.1.1, 3.0.1, and 3.1.1, as used in Communications Server 2.0, Sun Java System Application Server 8.1 and 8.2, and possibly other products, computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters, aka Oracle security ticket S0104869.
Status Published
Exploitability 2.0
Weighted Severity 9.0
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-20 Improper Input Validation
System Score Found at
cvssv3.1 7.5 http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html
generic_textual MODERATE http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html
generic_textual MODERATE http://marc.info/?l=bugtraq&m=134254866602253&w=2
generic_textual MODERATE http://marc.info/?l=bugtraq&m=134254957702612&w=2
cvssv3.1 7.5 http://marc.info/?l=bugtraq&m=139344343412337&w=2
generic_textual MODERATE http://marc.info/?l=bugtraq&m=139344343412337&w=2
generic_textual Medium http://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-5035.html
rhas Critical https://access.redhat.com/errata/RHSA-2012:0135
rhas Critical https://access.redhat.com/errata/RHSA-2012:0139
rhas Important https://access.redhat.com/errata/RHSA-2012:0322
rhas Critical https://access.redhat.com/errata/RHSA-2012:0514
rhas Low https://access.redhat.com/errata/RHSA-2013:1455
epss 0.01884 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.01884 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.01884 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.01884 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.02522 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.02522 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.02522 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.02522 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.02522 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.02522 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.02647 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.02647 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.02647 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.02647 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.02647 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.52412 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.52412 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.52412 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.52412 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.52412 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.52412 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.52412 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.52412 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.52412 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.52412 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.52412 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.52412 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.52412 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.52412 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.52412 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.52412 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.52412 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.52412 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.52412 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.52412 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.52412 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.52412 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.52412 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.52412 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.52412 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.52412 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.52412 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.52412 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.52412 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.52412 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.52412 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.52412 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.52412 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.52412 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.52412 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.52412 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.52412 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.52412 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.52412 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.52412 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.52412 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
epss 0.62283 https://api.first.org/data/v1/epss?cve=CVE-2011-5035
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=771283
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5035
generic_textual MODERATE http://secunia.com/advisories/57126
generic_textual HIGH http://security.gentoo.org/glsa/glsa-201406-32.xml
generic_textual HIGH https://github.com/FireFart/HashCollision-DOS-POC/blob/master/HashtablePOC.py
cvssv2 5.0 https://nvd.nist.gov/vuln/detail/CVE-2011-5035
generic_textual Medium https://ubuntu.com/security/notices/USN-1373-1
generic_textual Medium https://ubuntu.com/security/notices/USN-1373-2
cvssv3.1 7.5 http://www.kb.cert.org/vuls/id/903934
generic_textual MODERATE http://www.kb.cert.org/vuls/id/903934
cvssv3.1 7.5 http://www.nruns.com/_downloads/advisory28122011.pdf
generic_textual MODERATE http://www.nruns.com/_downloads/advisory28122011.pdf
cvssv3.1 7.5 http://www.ocert.org/advisories/ocert-2011-003.html
generic_textual MODERATE http://www.ocert.org/advisories/ocert-2011-003.html
generic_textual MODERATE http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html
Reference id Reference type URL
http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00010.html
http://marc.info/?l=bugtraq&m=133364885411663&w=2
http://marc.info/?l=bugtraq&m=133847939902305&w=2
http://marc.info/?l=bugtraq&m=134254866602253&w=2
http://marc.info/?l=bugtraq&m=134254957702612&w=2
http://marc.info/?l=bugtraq&m=139344343412337&w=2
http://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-5035.html
http://rhn.redhat.com/errata/RHSA-2012-0514.html
http://rhn.redhat.com/errata/RHSA-2013-1455.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-5035.json
https://api.first.org/data/v1/epss?cve=CVE-2011-5035
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5035
http://secunia.com/advisories/48073
http://secunia.com/advisories/48074
http://secunia.com/advisories/48589
http://secunia.com/advisories/48950
http://secunia.com/advisories/57126
http://security.gentoo.org/glsa/glsa-201406-32.xml
https://github.com/FireFart/HashCollision-DOS-POC/blob/master/HashtablePOC.py
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16908
https://ubuntu.com/security/notices/USN-1373-1
https://ubuntu.com/security/notices/USN-1373-2
http://www.debian.org/security/2012/dsa-2420
http://www.kb.cert.org/vuls/id/903934
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
http://www.nruns.com/_downloads/advisory28122011.pdf
http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html
http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html
http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html
771283 https://bugzilla.redhat.com/show_bug.cgi?id=771283
cpe:2.3:a:oracle:glassfish_server:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:glassfish_server:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:glassfish_server:2.1.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:glassfish_server:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:glassfish_server:3.0.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:glassfish_server:3.0.1:*:*:*:*:*:*:*
CVE-2011-4885;OSVDB-78115 Exploit http://www.ocert.org/advisories/ocert-2011-003.html
CVE-2011-5035 https://nvd.nist.gov/vuln/detail/CVE-2011-5035
GLSA-201401-30 https://security.gentoo.org/glsa/201401-30
GLSA-201406-32 https://security.gentoo.org/glsa/201406-32
RHSA-2012:0135 https://access.redhat.com/errata/RHSA-2012:0135
RHSA-2012:0139 https://access.redhat.com/errata/RHSA-2012:0139
RHSA-2012:0322 https://access.redhat.com/errata/RHSA-2012:0322
RHSA-2012:0514 https://access.redhat.com/errata/RHSA-2012:0514
RHSA-2013:1455 https://access.redhat.com/errata/RHSA-2013:1455
USN-1373-1 https://usn.ubuntu.com/1373-1/
USN-1373-2 https://usn.ubuntu.com/1373-2/
Data source Exploit-DB
Date added July 14, 2006
Description MyBulletinBoard (MyBB) 1.1.5 - 'CLIENT-IP' SQL Injection
Ransomware campaign use Known
Source publication date July 15, 2006
Exploit type webapps
Platform php
Source update date Nov. 9, 2016
Data source Metasploit
Description This module uses a denial-of-service (DoS) condition appearing in a variety of programming languages. This vulnerability occurs when storing multiple values in a hash table and all values have the same hash value. This can cause a web server parsing the POST parameters issued with a request into a hash table to consume hours of CPU with a single HTTP request. Currently, only the hash functions for PHP and Java are implemented. This module was tested with PHP + httpd, Tomcat, Glassfish and Geronimo. It also generates a random payload to bypass some IDS signatures.
Note 
Stability:
  - crash-service-down
SideEffects: []
Reliability: []
Ransomware campaign use Unknown
Source publication date Dec. 28, 2011
Source URL https://github.com/rapid7/metasploit-framework/tree/master/modules/auxiliary/dos/http/hashcollision_dos.rb
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://marc.info/?l=bugtraq&m=139344343412337&w=2
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2011-5035
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.kb.cert.org/vuls/id/903934
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.nruns.com/_downloads/advisory28122011.pdf
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.ocert.org/advisories/ocert-2011-003.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.88160
EPSS Score 0.01884
Published At Dec. 17, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.