CVE-2011-4858 Information
Description
Apache Tomcat before 5.5.35, 6.x before 6.0.35, and 7.x before 7.0.23 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.
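The description above is the whole of this class of bug: Java's String.hashCode() is a fixed, public function, so an attacker can precompute thousands of distinct parameter names that land in the same hash bucket and turn every insert into a linear scan of that bucket. The example below is added here and is not code from the page, from the Tomcat project, or from the referenced proof of concept. It reimplements the Java hash in Python, builds colliding names from the two-character blocks "Aa" and "BB" (which share the hashCode 2112, so any concatenation of them collides), counts the key comparisons a chained table performs for colliding versus ordinary names, and shows the mitigation the fixed releases adopted: a cap on the number of parameters. The names `colliding_keys`, `CountingTable`, `parse_form` and the 10000 default are this example's own choices; 10000 matches the default the Tomcat changelog gives for the new `maxParameterCount` connector attribute, but the parser here is a toy, not Tomcat's.

```python
import itertools

MASK32 = 0xFFFFFFFF


def java_string_hash(s):
    """Java's String.hashCode(): h = 31*h + c over each UTF-16 code unit, wrapped to
    32 bits. Returned unsigned here; for BMP characters ord() equals the code unit."""
    h = 0
    for ch in s:
        h = (31 * h + ord(ch)) & MASK32
    return h


def colliding_keys(n_blocks):
    """All 2**n_blocks distinct strings made of the blocks 'Aa' and 'BB'.

    hash('Aa') == hash('BB') == 2112, and hash(x + y) == hash(x) * 31**len(y) + hash(y),
    so every concatenation of equal-length, equal-hash blocks has the same hash."""
    blocks = ("Aa", "BB")
    return ["".join(combo) for combo in itertools.product(blocks, repeat=n_blocks)]


class CountingTable:
    """Chained hash table that counts string comparisons on insert, to make the cost of
    a collision attack visible. Bucket selection is hash % buckets; a real HashMap of
    that era applied extra bit mixing, but identical hashCode values defeat any mixing."""

    def __init__(self, buckets=1024):
        self.buckets = [[] for _ in range(buckets)]
        self.comparisons = 0

    def put(self, key, value):
        bucket = self.buckets[java_string_hash(key) % len(self.buckets)]
        for i, (k, _) in enumerate(bucket):
            self.comparisons += 1  # one equals() call per key already in the chain
            if k == key:
                bucket[i] = (key, value)
                return
        bucket.append((key, value))


def measure_comparisons(keys, buckets=1024):
    """Insert every key into a fresh table and return the total comparisons performed."""
    table = CountingTable(buckets)
    for k in keys:
        table.put(k, "x")
    return table.comparisons


def parse_form(body, max_parameter_count=10000):
    """Parse application/x-www-form-urlencoded pairs into a dict, refusing bodies that
    carry more parameters than max_parameter_count (hypothetical parser; the limit
    mirrors Tomcat's maxParameterCount, whose default the changelog gives as 10000)."""
    pairs = body.split("&") if body else []
    if len(pairs) > max_parameter_count:
        raise ValueError(
            "too many parameters: %d > %d" % (len(pairs), max_parameter_count))
    params = {}
    for pair in pairs:
        k, _, v = pair.partition("=")
        params[k] = v
    return params


def is_rejected(body, max_parameter_count=10000):
    """True if parse_form refuses the body because of the parameter-count limit."""
    try:
        parse_form(body, max_parameter_count)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    hostile = colliding_keys(10)            # 1024 distinct names, one hash value
    benign = ["p%d" % i for i in range(1024)]
    print("distinct hashes, hostile:", len({java_string_hash(k) for k in hostile}))
    print("comparisons, hostile:", measure_comparisons(hostile))
    print("comparisons, benign: ", measure_comparisons(benign))
    attack_body = "&".join(k + "=1" for k in colliding_keys(14))   # 16384 parameters
    print("attack body rejected with limit 10000:", is_rejected(attack_body))
```

With 1024 colliding names the table performs 1024*1023/2 = 523776 comparisons, against a few hundred for ordinary names; the cost grows quadratically with the number of parameters, which is why the fix caps the count rather than trying to hide the hash function. A parameter-count limit is a ceiling on work per request, not a fix for the hash itself: the cheap insurance is to set it, and the longer-term one is a randomized or collision-resistant hash for attacker-controlled keys.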
Reference
http://mail-archives.apache.org/mod_mbox/tomcat-announce/201112.mbox/%3C4EFB9800.5010106@apache.org%3E
http://marc.info/?l=bugtraq&m=132871655717248&w=2
http://marc.info/?l=bugtraq&m=133294394108746&w=2
http://marc.info/?l=bugtraq&m=136485229118404&w=2
http://rhn.redhat.com/errata/RHSA-2012-0074.html
http://rhn.redhat.com/errata/RHSA-2012-0075.html
http://rhn.redhat.com/errata/RHSA-2012-0076.html
http://rhn.redhat.com/errata/RHSA-2012-0077.html
http://rhn.redhat.com/errata/RHSA-2012-0078.html
http://rhn.redhat.com/errata/RHSA-2012-0089.html
http://rhn.redhat.com/errata/RHSA-2012-0325.html
http://rhn.redhat.com/errata/RHSA-2012-0406.html
http://secunia.com/advisories/48549
http://secunia.com/advisories/48790
http://secunia.com/advisories/48791
http://secunia.com/advisories/54971
http://secunia.com/advisories/55115
http://tomcat.apache.org/tomcat-7.0-doc/changelog.html
http://www.debian.org/security/2012/dsa-2401
http://www.kb.cert.org/vuls/id/903934
http://www.nruns.com/_downloads/advisory28122011.pdf
http://www.ocert.org/advisories/ocert-2011-003.html
http://www.securityfocus.com/bid/51200
https://bugzilla.redhat.com/show_bug.cgi?id=750521
https://github.com/FireFart/HashCollision-DOS-POC/blob/master/HashtablePOC.py
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18886