NASLDB: Apache Tomcat 7.x < 7.0.23 Hash Collision Denial of Service
General
ID: 57541
Name: Apache Tomcat 7.x < 7.0.23 Hash Collision Denial of Service
Summary: Checks Apache Tomcat Version
Credits: Tenable Network Security, Inc.
Classification
Risk: –
CVSS: –
CVSS Base Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS Temporal Vector: CVSS2#E:F/RL:OF/RC:C
Port: 8080
Family: Web Servers
Type: Remote
Description
According to its self-reported version number, the instance of Apache
Tomcat 7.x listening on the remote host is earlier than 7.0.23 and is
therefore potentially affected by a denial of service vulnerability.
Large numbers of crafted form parameters can cause excessive CPU
consumption due to hash collisions.
Note that Nessus did not actually test for the flaw but instead has
relied on the version in Tomcat’s banner or error page.
Exploiting
Exploit Available: True
Exploitability Ease: Exploits are available
Sources
CVE: CVE-2011-4858
OSVDB: –
Bugtraq: 51200
scipID: –
Timeline
Vulnerability Disclosure: 2011/12/28
Patch Release: 2011/11/25
Plugin Release: 2012/01/13
Plugin
Version: 1.5
Filename: tomcat_7_0_23.nasl
Filesize: 4008 bytes
MD5 Hash: 559cef1b59e4e636369890b06aef35c5
Identification: tomcat/"port"/version_source
Require Keys: www/tomcat", "Settings/ParanoidReport
Dependencies: "tomcat_error_version.nasl"
Copyright: This script is Copyright© 2012 Tenable Network Security, Inc.
- Latest Plugins
- USN-1611-1 : thunderbird vulnerabilities
- USN-1610-1 : linux vulnerability
- USN-1609-1 : linux-ti-omap4 vulnerability
- SuSE 10 Security Update : PostgreSQL
- RHSA-2012-1364: bind97
- RHSA-2012-1363: bind
- RHSA-2012-1362: thunderbird
- RHSA-2012-1361: xulrunner
- Mandriva Linux Security Advisory : graphicsmagick
- FreeBSD : phpMyAdmin — Multiple XSS due to unescaped HTML output in Trigger, Procedure and Event pages and Fetching the version information from a non-SSL site is vulnerable to a MITM attack