IBM WebSphere Application Server Hash Collision Denial of Service Vulnerability

Last Update Date: 18 Jan 2012 14:31

Release Date: 18 Jan 2012

RISK: Medium Risk

TYPE: Servers - Internet App Servers

A vulnerability has been identified in IBM WebSphere Application Server that can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused by an error within a hash generation function when hashing form posts and updating a hash table. A specially crafted form sent in an HTTP POST request can trigger hash collisions, resulting in high CPU consumption.
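
A defender-side check for the condition described above, as an added example that is not part of the original advisory or of IBM's fix: it flags a form body whose parameter count is excessive or whose parameter names share one hash value. It assumes names are hashed with Java's `String.hashCode()`; the thresholds, function names and sample bodies are constructed for illustration.

```python
from collections import defaultdict
from urllib.parse import parse_qsl

MAX_PARAMS = 1000   # assumed cap on parameters per request
MAX_SAME_HASH = 3   # assumed cap on distinct names sharing one hash value


def java_string_hash(s: str) -> int:
    """Java String.hashCode(): h = 31*h + unit over UTF-16 units, signed 32-bit."""
    h = 0
    data = s.encode("utf-16-be")
    for i in range(0, len(data), 2):
        unit = (data[i] << 8) | data[i + 1]
        h = (31 * h + unit) & 0xFFFFFFFF
    return h - (1 << 32) if h & 0x80000000 else h


def inspect_form_body(body, max_params=MAX_PARAMS, max_same_hash=MAX_SAME_HASH):
    """Return (verdict, param_count, largest_collision_group) for a form body."""
    pairs = parse_qsl(body, keep_blank_values=True)
    # Check the count first so an oversized request is refused before hashing.
    if len(pairs) > max_params:
        return "reject: too many parameters", len(pairs), 0
    names_by_hash = defaultdict(set)
    for name, _value in pairs:
        names_by_hash[java_string_hash(name)].add(name)
    largest = max((len(names) for names in names_by_hash.values()), default=0)
    if largest > max_same_hash:
        return "reject: parameter names collide", len(pairs), largest
    return "allow", len(pairs), largest


# Constructed sample bodies (not taken from real traffic).
NORMAL_BODY = "user=alice&lang=en&page=2&sort=asc"
COLLIDING_BODY = "AaAa=1&AaBB=2&BBAa=3&BBBB=4&user=alice"

if __name__ == "__main__":
    for sample in (NORMAL_BODY, COLLIDING_BODY):
        print(inspect_form_body(sample))
```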


Impact

  • Denial of Service

System / Technologies affected

  • IBM WebSphere Application Server 6.1.x
  • IBM WebSphere Application Server 7.0.x
  • IBM WebSphere Application Server 8.0.x

Solutions

Before installing the software, please visit the software manufacturer's website for more details.

  • Apply APAR PM53930

Vulnerability Identifier

  • No CVE information is available
