
34 matches found

Tenable Nessus
added 2026/01/14 12:00 a.m., 8 views

MiracleLinux 3 : tomcat5-5.5.23-0jpp.31.0.1.AXS3 (AXSA:2012-510:02)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-510:02 advisory. Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Jav...

CVSS 5 | AI score 5.8 | EPSS 0.80318
Exploits 6 | References 3

Tenable Nessus
added 2026/01/14 12:00 a.m., 9 views

MiracleLinux 4 : tomcat6-6.0.24-36.AXS4 (AXSA:2012-515:02)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-515:02 advisory. Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Jav...

CVSS 5 | AI score 5.8 | EPSS 0.80318
Exploits 6 | References 3

SUSE CVE
added 2023/02/15 5:49 a.m., 6 views

SUSE CVE-2011-4858

Apache Tomcat before 5.5.35, 6.x before 6.0.35, and 7.x before 7.0.23 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service CPU consumption by sending many crafted parameters...

CVSS 5 | AI score 4.8 | EPSS 0.80318
Exploits 5 | References 4

IBM Security Bulletins
added 2022/11/28 7:30 p.m., 86 views

Security Bulletin: Multiple vulnerabilities in IBM Cognos BI 8.4.1,10.1, 10.1.1 and 10.2 (CVE-2011-3026, CVE-2011-4858, CVE-2012-0498, CVE-2012-2177, CVE-2012-2193, CVE-2012-4835, CVE-2012-4836, CVE-2012-4837, CVE-2012-4840, CVE-2012-4858, CVE-2012-5081)

Summary: Several security vulnerabilities have been identified in IBM Cognos BI which may allow remote attackers to: - Cause a denial of service condition via excessive CPU consumption, - Inject arbitrary JavaScript code into the victim's web browser, - Download arbitrary XML files from the...

CVSS 10 | AI score 9.8 | EPSS 0.80318
Exploits 7 | Affected Software 1

OpenVAS
added 2021/06/09 12:00 a.m., 27 views

SUSE: Security Advisory (SUSE-SU-2012:0144-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5 | AI score 4.5 | EPSS 0.80318
Exploits 5 | References 2

Circl
added 2018/05/29 3:50 p.m., 11 views

CVE-2011-4858

creationtimestamp | type | source
---|---|---
2018-05-29 15:50:33+00:00 | seen | https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/dos/http/hashcollisiondos.rb
2025-02-06 03:13:40+00:00 | seen | MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd
2025-02-23 04:08:59+00:00 | seen | ...

CVSS 5 | AI score 6.2 | EPSS 0.80318
Exploits 5 | References 1

OpenVAS
added 2015/10/06 12:00 a.m., 31 views

Oracle: Security Advisory (ELSA-2012-0474)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5 | AI score 6.4 | EPSS 0.80318
Exploits 9 | References 2

Tenable Nessus
added 2015/01/19 12:00 a.m., 57 views

Oracle Solaris Third-Party Patch Update : tomcat (multiple_denial_of_service_dos)

The remote Solaris system is missing necessary patches to address security updates : - Apache Tomcat before 5.5.35, 6.x before 6.0.35, and 7.x before 7.0.23 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attacke...

CVSS 5 | AI score 5.6 | EPSS 0.80318
Exploits 6 | References 4

Tenable Nessus
added 2014/06/13 12:00 a.m., 41 views

openSUSE Security Update : tomcat6 (openSUSE-SU-2012:0103-1)

The apache tomcat was vulnerable to a hash collision attack which allowed remote attackers to mount DoS attacks. CVE-2011-4858 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE...

CVSS 5 | AI score 5.5 | EPSS 0.80318
Exploits 5 | References 4

Tenable Nessus
added 2014/06/13 12:00 a.m., 42 views

openSUSE Security Update : tomcat6 (openSUSE-SU-2012:0103-1)

The apache tomcat was vulnerable to a hash collision attack which allowed remote attackers to mount DoS attacks. CVE-2011-4858 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE...

CVSS 5 | AI score 5.5 | EPSS 0.80318
Exploits 5 | References 4

Check Point Advisories
added 2014/04/16 12:00 a.m., 5 views

Apache Tomcat Parameter Hash Collision Denial of Service - Ver2 (CVE-2011-4858)

A denial-of-service vulnerability has been reported in Apache Software Foundation Tomcat. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

CVSS 5 | AI score 5.2 | EPSS 0.80318
Exploits 5

Tenable Nessus
added 2013/07/12 12:00 a.m., 53 views

Oracle Linux 5 : tomcat5 (ELSA-2012-0474)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2012-0474 advisory. - Resolves: CVE-2012-0022, CVE-2011-4858 - Resolves CVE-2011-0013 rhbz 675933 - Resolves CVE-2011-3718 rhbz 675933 - Resolves CVE-2011-1184 rhbz 744984...

CVSS 5 | AI score 5.8 | EPSS 0.80318
Exploits 9 | References 3

Tenable Nessus
added 2013/01/24 12:00 a.m., 44 views

RHEL 5 / 6 : jbossweb (RHSA-2012:0074)

The remote Redhat Enterprise Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:0074 advisory. - tomcat: Multiple weaknesses in HTTP DIGEST authentication CVE-2011-1184, CVE-2011-5062, CVE-2011-5063, CVE-2011-5064 - tomcat: securit...

CVSS 5 | AI score 6 | EPSS 0.80318
Exploits 8 | References 15

OpenVAS
added 2012/08/10 12:00 a.m., 266 views

Gentoo Security Advisory GLSA 201206-24 (apache tomcat)

The remote host is missing updates announced in advisory GLSA 201206-24. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

CVSS 7.5 | AI score 0.1 | EPSS 0.9444
Exploits 33

OpenVAS
added 2012/08/03 12:00 a.m., 37 views

Mandriva Update for tomcat5 MDVSA-2012:085 (tomcat5)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CVSS 5 | AI score 5.5 | EPSS 0.80318
Exploits 6 | References 2

Tenable Nessus
added 2012/08/01 12:00 a.m., 45 views

Scientific Linux Security Update : tomcat6 on SL6.x (20120411)

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. It was found that the Java hashCode method implementation was susceptible to predictable hash collisions. A remote attacker could use this flaw to cause Tomcat to use an excessive amount of CPU time b...

CVSS 5 | AI score 5.6 | EPSS 0.80318
Exploits 6 | References 3

Tenable Nessus
added 2012/08/01 12:00 a.m., 37 views

Scientific Linux Security Update : tomcat5 on SL5.x i386/x86_64 (20120411)

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. It was found that the Java hashCode method implementation was susceptible to predictable hash collisions. A remote attacker could use this flaw to cause Tomcat to use an excessive amount of CPU time b...

CVSS 5 | AI score 5.6 | EPSS 0.80318
Exploits 6 | References 3

OpenVAS
added 2012/07/30 12:00 a.m., 35 views

CentOS Update for tomcat5 CESA-2012:0474 centos5

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CVSS 5 | AI score 5.5 | EPSS 0.80318
Exploits 6 | References 2

OpenVAS
added 2012/07/09 12:00 a.m., 35 views

RedHat Update for tomcat6 RHSA-2012:0475-01

Check for the Version of tomcat6 OpenVAS Vulnerability Test RedHat Update for tomcat6 RHSA-2012:0475-01 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

CVSS 5 | AI score 6 | EPSS 0.80318
Exploits 6 | References 2

RedHat Linux
added 2012/05/21 4:42 p.m., 55 views

Moderate: Red Hat Security Advisory: tomcat6 security and bug fix update

Updated tomcat6 packages that fix multiple security issues and three bugs are now available for JBoss Enterprise Web Server 1.0.2 for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System...

CVSS 7.5 | AI score 6.2 | EPSS 0.80318
Exploits 10 | References 12