SecurityTracker.com
SecurityTracker
Archives
Category:   Application (Web Server/CGI)  >   Oracle WebLogic
Vendors:   BEA Systems
BEA WebLogic Integration Directory Traversal Bug Lets Remote Users List Certain Directories
SecurityTracker Alert ID:  1018059
SecurityTracker URL:  http://securitytracker.com/id/1018059
CVE Reference:   CVE-2007-2705
Updated:  May 16 2007
Original Entry Date:  May 15 2007
Impact:   Disclosure of system information, Disclosure of user information
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): 8.1 SP2 through SP6, 9.2
Description:   A vulnerability was reported in WebLogic Integration. A remote user can list certain directories on the target system.

In development mode, a remote user can send a specially crafted request to the WebLogic Workshop Test View function to list the parent directories of the WebLogic Workshop directory (wlwdir).

The WebLogic Workshop Test View console should always be disabled in a production environment.

Version 9.2 is only affected if the application is deployed explicitly in an exploded form (not the default configuration for that version).

Impact:   A remote user can list certain directories on the target system.
Solution:   The vendor has issued fixes and provided the following solution instructions.

For WebLogic Integration version 9.2, upgrade to WebLogic Integration 9.2 Maintenance Pack 1.

For WebLogic Workshop/Integration version 8.1, upgrade to WebLogic Workshop/Integration 8.1 SP6 and install the following patch:

ftp://anonymous:dev2dev%40bea.com@ftpna.bea.com/pub/releases/security/CR299065_SP6.jar

Place the jar for the patch in the CLASSPATH before the weblogic.jar file.
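A check for that last step, added here as an example and not part of the advisory or of BEA's fix: it confirms that CR299065_SP6.jar appears on a CLASSPATH string before weblogic.jar. It assumes only the jar file names given above; the sample classpaths in the usage comment are constructed.

```shell
#!/bin/sh
# Verify that the BEA patch jar precedes weblogic.jar on a CLASSPATH.
# Returns 0 when the order is correct, 1 otherwise (reason on stderr).
# Example (constructed): check_patch_order "$CLASSPATH"

PATCH_JAR="CR299065_SP6.jar"   # patch jar named in the advisory
BASE_JAR="weblogic.jar"        # must come AFTER the patch jar

check_patch_order() {
    cp="$1"
    patch_pos=""; base_pos=""; n=0
    # Windows classpaths separate entries with ';', UNIX ones with ':'.
    case "$cp" in
        *";"*) sep=";" ;;
        *)     sep=":" ;;
    esac
    old_ifs=$IFS
    IFS=$sep
    set -f                      # no globbing of entries containing '*'
    for entry in $cp; do
        n=$((n + 1))
        case "$entry" in
            *"$PATCH_JAR") if [ -z "$patch_pos" ]; then patch_pos=$n; fi ;;
            *"$BASE_JAR")  if [ -z "$base_pos" ];  then base_pos=$n;  fi ;;
        esac
    done
    set +f
    IFS=$old_ifs
    if [ -z "$base_pos" ]; then
        echo "no $BASE_JAR on CLASSPATH; nothing to check" >&2
        return 1
    fi
    if [ -z "$patch_pos" ]; then
        echo "$PATCH_JAR missing from CLASSPATH: patch not applied" >&2
        return 1
    fi
    if [ "$patch_pos" -lt "$base_pos" ]; then
        echo "ok: $PATCH_JAR (entry $patch_pos) precedes $BASE_JAR (entry $base_pos)"
        return 0
    fi
    echo "wrong order: $PATCH_JAR (entry $patch_pos) is after $BASE_JAR (entry $base_pos)" >&2
    return 1
}

# Run directly with the classpath as the first argument.
if [ "$#" -gt 0 ]; then
    check_patch_order "$1"
fi
```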

The BEA advisory is available at:

http://dev2dev.bea.com/pub/advisory/239

Vendor URL:  dev2dev.bea.com/pub/advisory/239
Cause:   Access control error, Input validation error
Underlying OS:  Linux (Red Hat Enterprise), Linux (SuSE), UNIX (AIX), UNIX (HP/UX), UNIX (Solaris - SunOS), Windows (NT), Windows (2000), Windows (2003)

Message History:   None.


Source Message Contents

[Original Message Not Available for Viewing]

Copyright 2019, SecurityGlobal.net LLC