CVE-2011-5034

MyBulletinBoard (MyBB) 1.1.5 - 'CLIENT-IP' SQL Injection

Severity Score

7.5

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Apache Geronimo 2.2.1 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters. NOTE: this might overlap CVE-2011-4461.

Apache Geronimo v2.2.1 y anteriores calcula los valores hash de los parámetros de forma, sin restringir la capacidad de desencadenar colisiones hash predecible, lo que permite a atacantes remotos provocar una denegación de servicio (consumo de CPU) mediante el envío de gran cantidad de parámetros a mano. NOTA: este podría superponerse CVE-2011-4461.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2006-07-15 First Exploit
2011-12-29 CVE Reserved
2011-12-30 CVE Published
2024-08-07 CVE Updated
2025-03-30 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-20: Improper Input Validation

CAPEC

References (24)

URL	Tag	Source
http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html	Mailing List
http://secunia.com/advisories/47412	Third Party Advisory
http://www.kb.cert.org/vuls/id/903934	Third Party Advisory
http://www.nruns.com/_downloads/advisory28122011.pdf	X_refsource_misc
http://www.ocert.org/advisories/ocert-2011-003.html	X_refsource_misc
https://github.com/FireFart/HashCollision-DOS-POC/blob/master/HashtablePOC.py	X_refsource_misc
https://lists.apache.org/thread.html/r20957aa5962a48328f199e2373f408aeeae601a45dd5275a195e2b6e%40%3Cjava-dev.axis.apache.org%3E	Mailing List
https://lists.apache.org/thread.html/r360b70489bad65286b49ceb5303a849d2a7ec7d1292774a7259579e1%40%3Cissues.karaf.apache.org%3E	Mailing List
https://lists.apache.org/thread.html/r3c541f019b74902e8e61d73e40ecc2837dfce1b744ad5546919b993c%40%3Cissues.karaf.apache.org%3E	Mailing List
https://lists.apache.org/thread.html/r4fe6b5ff1d48e23337304fd5ac983d89328aecbd1fa198cfc966fbd7%40%3Cdev.geronimo.apache.org%3E	Mailing List
https://lists.apache.org/thread.html/r653f633aa7b6ccbb8c338dbfcea7a00e4ae9d6f3e064a03cab8dc20d%40%3Cjava-dev.axis.apache.org%3E	Mailing List
https://lists.apache.org/thread.html/r67747af92035942c9c413bd8394acbb8a1ace5833c0177014c825bc2%40%3Cissues.karaf.apache.org%3E	Mailing List
https://lists.apache.org/thread.html/r8dc1a0ae0e0cf9d2494b8cbd66562f99331c4cf635e7781850a9b9ba%40%3Cjava-dev.axis.apache.org%3E	Mailing List
https://lists.apache.org/thread.html/ra10015f6f3c3c88b7d813383554e87c06347fe163487148669189b8e%40%3Cdev.geronimo.apache.org%3E	Mailing List
https://lists.apache.org/thread.html/ra1fe29f6399b68980f914d8613dee7f67d62a1a97722fe9cd56f4f5f%40%3Cdev.geronimo.apache.org%3E	Mailing List
https://lists.apache.org/thread.html/rb0e85243d7268f1d7a1edb5e6c7df885dbd300acabaaf4cb0e880518%40%3Cissues.karaf.apache.org%3E	Mailing List
https://lists.apache.org/thread.html/rdd67ea3e489134f653349fc2cb09828ac8462aa61dd776b505a3297a%40%3Cissues.karaf.apache.org%3E	Mailing List
http://ocert.org/advisories/ocert-2011-003.html
https://web.archive.org/web/20120105151644/http://www.nruns.com/_downloads/advisory28122011.pdf
https://fahrplan.events.ccc.de/congress/2011/Fahrplan/events/4680.en.html
https://fahrplan.events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf
https://www.youtube.com/watch?v=R2Cq3CLI6H8

URL	Date	SRC
https://packetstorm.news/files/id/180523	2024-08-31
https://www.exploit-db.com/exploits/2012	2006-07-15

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Apache Search vendor "Apache"		Geronimo Search vendor "Apache" for product "Geronimo"				<= 2.2.1 Search vendor "Apache" for product "Geronimo" and version " <= 2.2.1"		-		Affected
Apache Search vendor "Apache"		Geronimo Search vendor "Apache" for product "Geronimo"				1.0 Search vendor "Apache" for product "Geronimo" and version "1.0"		-		Affected
Apache Search vendor "Apache"		Geronimo Search vendor "Apache" for product "Geronimo"				1.1 Search vendor "Apache" for product "Geronimo" and version "1.1"		-		Affected
Apache Search vendor "Apache"		Geronimo Search vendor "Apache" for product "Geronimo"				1.1.1 Search vendor "Apache" for product "Geronimo" and version "1.1.1"		-		Affected
Apache Search vendor "Apache"		Geronimo Search vendor "Apache" for product "Geronimo"				1.2 Search vendor "Apache" for product "Geronimo" and version "1.2"		-		Affected
Apache Search vendor "Apache"		Geronimo Search vendor "Apache" for product "Geronimo"				2.0.1 Search vendor "Apache" for product "Geronimo" and version "2.0.1"		-		Affected
Apache Search vendor "Apache"		Geronimo Search vendor "Apache" for product "Geronimo"				2.0.2 Search vendor "Apache" for product "Geronimo" and version "2.0.2"		-		Affected
Apache Search vendor "Apache"		Geronimo Search vendor "Apache" for product "Geronimo"				2.1 Search vendor "Apache" for product "Geronimo" and version "2.1"		-		Affected
Apache Search vendor "Apache"		Geronimo Search vendor "Apache" for product "Geronimo"				2.1.1 Search vendor "Apache" for product "Geronimo" and version "2.1.1"		-		Affected
Apache Search vendor "Apache"		Geronimo Search vendor "Apache" for product "Geronimo"				2.1.2 Search vendor "Apache" for product "Geronimo" and version "2.1.2"		-		Affected
Apache Search vendor "Apache"		Geronimo Search vendor "Apache" for product "Geronimo"				2.1.3 Search vendor "Apache" for product "Geronimo" and version "2.1.3"		-		Affected
Apache Search vendor "Apache"		Geronimo Search vendor "Apache" for product "Geronimo"				2.1.4 Search vendor "Apache" for product "Geronimo" and version "2.1.4"		-		Affected
Apache Search vendor "Apache"		Geronimo Search vendor "Apache" for product "Geronimo"				2.1.5 Search vendor "Apache" for product "Geronimo" and version "2.1.5"		-		Affected
Apache Search vendor "Apache"		Geronimo Search vendor "Apache" for product "Geronimo"				2.1.6 Search vendor "Apache" for product "Geronimo" and version "2.1.6"		-		Affected
Apache Search vendor "Apache"		Geronimo Search vendor "Apache" for product "Geronimo"				2.1.7 Search vendor "Apache" for product "Geronimo" and version "2.1.7"		-		Affected
Apache Search vendor "Apache"		Geronimo Search vendor "Apache" for product "Geronimo"				2.1.8 Search vendor "Apache" for product "Geronimo" and version "2.1.8"		-		Affected
Apache Search vendor "Apache"		Geronimo Search vendor "Apache" for product "Geronimo"				2.2 Search vendor "Apache" for product "Geronimo" and version "2.2"		-		Affected