15 matches found
Linux Distros Unpatched Vulnerability : CVE-2011-4461
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Jetty 8.1.0.RC2 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote...
RHEL 6 : jetty-eclipse (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - jetty: hash table collisions CPU usage DoS oCERT-2011-003 CVE-2011-4461 Note that Nessus has not tested for this...
Security Bulletin: Potential Denial of Service (DoS) security vulnerability in IBM Sterling External Authentication Server
Abstract Potential Denial of Service DoS security vulnerability in IBM Sterling External Authentication Server due to a Java HashTable security vulnerability in Jetty CVE-2011-4461. Content SUMMARY: Potential Denial of Service DoS security vulnerability in IBM Sterling External Authentication...
Security Bulletin: Denial of service in IBM InfoSphere Data Replication Dashboard (CVE-2011-4461)
Abstract InfoSphere Data Replication Dashboard includes Jetty which has a known security vulnerability that can lead to a denial of service. Content VULNERABILITY DETAILS: CVE ID: CVE-2011-4461 DESCRIPTION: An attacker, using specially crafted HTTP requests, can cause up to 100% CPU usage,...
Security Bulletin: Potential Denial of Service (DoS) security vulnerability in IBM Sterling Connect:Enterprise for UNIX
Abstract Potential Denial of Service DoS security vulnerability in IBM Sterling Connect:Enterprise for UNIX due to a Java HashTable security vulnerability in Jetty CVE-2011-4461. Content SUMMARY: Potential Denial of Service DoS security vulnerability in IBM Sterling Connect:Enterprise for UNIX du...
Security Bulletin: Potential Denial of Service security vulnerability in Rational Synergy (CVE-2011-4461)
Summary Potential Denial of Service DoS security vulnerability in IBM Rational Synergy due to a Java HashTable security vulnerability in Jetty CVE-2011-4461. Vulnerability Details | Subscribe to My Notifications to be notified of important product support alerts like this. Follow this link for mo...
openSUSE Security Update : jetty5 (openSUSE-2012-128)
jetty5 was prone to a remotely exploitable Denial of Service flaw via hash collisions %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2012-128. The text description of this plugin is ...
openSUSE Security Update : jetty5 (openSUSE-SU-2012:0262-1)
jetty5 was prone to a remotely exploitable Denial of Service flaw via hash collisions CVE-2011-4461. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update jetty5-5813. The text description of this...
Moderate: Red Hat Security Advisory: Fuse MQ Enterprise 7.1.0 update
Fuse MQ Enterprise 7.1.0, which fixes one security issue, various bugs, and adds enhancements, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, whi...
Fedora 16 : jetty-6.1.26-8.fc16 (2012-0730)
Back-port of upstream jetty patches for CVE-2011-4461 - hash table collisions DoS. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...
Fedora 15 : jetty-6.1.26-7.fc15 (2012-0752)
Back-port of upstream jetty patches for CVE-2011-4461, hash DOS. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing addition...
Fedora Update for jetty FEDORA-2012-0730
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for jetty FEDORA-2012-0752
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
CVE-2011-4461
CVE-2011-4461 affects Jetty (e.g., Jetty 8.1.0.RC2 and earlier). The vulnerability arises from hash table collisions in Jetty’s handling of form parameters, enabling a remote attacker to cause CPU exhaustion/DoS by sending crafted parameters. IBM and related advisories consistently describe the D...
CVE-2011-4461
Jetty 8.1.0.RC2 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service CPU consumption by sending many crafted parameters...