SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |    Help    |   

SecurityTracker
Archives


Your Ad Here
 
Click to Sign Up
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com
Sign Up!





Category:  Application (Web Server/CGI)  >  WebLogic Vendors:  BEA Systems
WebLogic Bugs Let Remote Users Gain Access, Obtain Information, and Deny Service
SecurityTracker Alert ID:  1017525
SecurityTracker URL:  http://securitytracker.com/id?1017525
CVE Reference:  CVE-2007-0409 ,  CVE-2007-0410 ,  CVE-2007-0411 ,  CVE-2007-0412 ,  CVE-2007-0413 ,  CVE-2007-0414 ,  CVE-2007-0415 ,  CVE-2007-0416 ,  CVE-2007-0417 ,  CVE-2007-0418 ,  CVE-2007-0419 ,  CVE-2007-0420 ,  CVE-2007-0421 ,  CVE-2007-0422 ,  CVE-2007-0424 ,  CVE-2007-0425   (Links to External Site)
Updated:  May 19 2008
Original Entry Date:  Jan 17 2007
Impact:  Denial of service via network, Disclosure of authentication information, Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, User access via network
Version(s): 9.2 and prior versions
Description:  Several vulnerabilities were reported in WebLogic. A remote user can gain administrative privileges. A remote user can cause denial of service conditions. A remote user can obtain sensitive information.

A remote user can send specially crafted data to trigger a buffer overflow and execute arbitrary code on the target system.

A remote user can send specially crafted data to cause the target service to crash.

A remote user can obtain potentially sensitive information, such as MBeam passwords, various attributes, application files, user request data, and other information.

The specific BEA advisory numbers and descriptions are provided:

BEA07-136.00: JDBCDataSourceFactory MBean password field not encrypted

BEA07-137.00: Incorrect thread management may lead to server unavailability.

BEA07-138.00: Problem with certificate validation on WebLogic web service clients

BEA07-139.00: Application files are exposed when deploying via .ear or exploded .ear files.

BEA07-140.00: Sensitive attributes may be stored in clear-text after offline configuration

BEA07-141.00: Socket muxer threads may block when processing error pages under load.

BEA07-142.00: Dynamic updates to applications deployed as exploded jars may result in incorrect access checking

BEA07-143.00: WS-Security runtime fails to enforce decryption certificate

BEA07-144.00: Some EJB calls can be unintentionally executed with administrative privileges when using WebLogic Server 6.1 compatibility realm

BEA07-145.00: Permissions on EJB methods with array parameters may not be enforced

BEA07-146.00: Denial-of-service vulnerability in the proxy plug-in for Apache web server.

BEA07-147.00: Malformed HTTP requests may reveal data from previous requests

BEA07-148.00: Malformed headers may cause high disk consumption

BEA07-149.00: Security policy changes may not be seen by managed server.

BEA07-150.00: A Denial of Service attack is possible against a WebLogic Server running on Solaris 9

BEA07-152.00: Multiple vulnerabilities in WebLogic Server proxy plug-in for Netscape Enterprise Server

BEA07-155.00: An overflow condition may occur in products using BEA JRockit
Impact:  A remote user can execute arbitrary code on the target system.

A remote user can gain access to the system.

A remote user can cause denial of service conditions.

A remote user can obtain sensitive information.
Solution:  The vendor has issued several, separate fixes.

The original advisories are available at:

http://dev2dev.bea.com/pub/advisory/203
http://dev2dev.bea.com/pub/advisory /204
http://dev2dev.bea.com/pub/advisory/205
http://dev2dev.bea.com/pub/advisory/206
http://dev2dev.bea.com/pub/advisory/207
http://dev2dev.bea.com/pub/advisory/208
http://dev2dev.bea.com/pub/advisory/209
http://dev2dev.bea.com/pub/advisory/210
http://dev2dev.bea.com/pub/advisory/211
http://dev2dev.bea.com/pub/advisory/212
http: //dev2dev.bea.com/pub/advisory/213
http://dev2dev.bea.com/pub/advisory/214
http://dev2dev.bea.com/pub/advisory/215
http://dev2dev.bea.com/pub/advisory/216
http://dev2 dev.bea.com/pub/advisory/217
http://dev2dev.bea.com/pub/advisory/219
http://dev2dev.bea.com/pub/advisory/222
Cause:  Access control error, Boundary error, Exception handling error, State error
Underlying OS:  Linux (Red Hat Enterprise), Linux (SuSE), UNIX (AIX), UNIX (HP/UX), UNIX (Solaris - SunOS), Windows (NT), Windows (2000), Windows (2003)

Message History:   None.

 Source Message Contents
Date:  Wed, 17 Jan 2007 00:03:33 -0500
Subject:  BEA WebLogic

 
 
http://dev2dev.bea.com/pub/advisory/203
http://dev2dev.bea.com/pub/advisory/204
http://dev2dev.bea.com/pub/advisory/205
http://dev2dev.bea.com/pub/advisory/206
http://dev2dev.bea.com/pub/advisory/207
http://dev2dev.bea.com/pub/advisory/208
http://dev2dev.bea.com/pub/advisory/209
http://dev2dev.bea.com/pub/advisory/210
http://dev2dev.bea.com/pub/advisory/211
http://dev2dev.bea.com/pub/advisory/212
http://dev2dev.bea.com/pub/advisory/213
http://dev2dev.bea.com/pub/advisory/214
http://dev2dev.bea.com/pub/advisory/215
http://dev2dev.bea.com/pub/advisory/216
http://dev2dev.bea.com/pub/advisory/217
http://dev2dev.bea.com/pub/advisory/219
http://dev2dev.bea.com/pub/advisory/222


Go to the Top of This SecurityTracker Archive Page



Home   |    View Topics   |    Search   |    Contact Us   |    Help

Copyright 2007, SecurityGlobal.net LLC