Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.Install Now
Available for macOS, Windows, and Linux
Oracle GlassFish Server Hash Collision Denial of Service Vulnerability
Denial of Service
11 years ago
4 years ago
The host is running GlassFish Server and is prone to denial of service vulnerability.
The flaw is due to an error within a hash generation function when hashing form posts and updating a hash table. This can be exploited to cause a hash collision resulting in high CPU consumption via a specially crafted form sent in a HTTP POST request.
Oracle GlassFish version 3.1.1 and prior.
Apply the updates from the referenced advisory.