WebLogic Bugs Let Remote Users Gain Access, Obtain Information, and Deny Service

Home | View Topics | Search | Contact Us |

SecurityTracker
Archives

Category: Application (Web Server/CGI) > Oracle WebLogic

Vendors: BEA Systems

WebLogic Bugs Let Remote Users Gain Access, Obtain Information, and Deny Service

SecurityTracker Alert ID: 1017525

SecurityTracker URL: http://securitytracker.com/id/1017525

CVE Reference: CVE-2007-0409, CVE-2007-0410, CVE-2007-0411, CVE-2007-0412, CVE-2007-0413, CVE-2007-0414, CVE-2007-0415, CVE-2007-0416, CVE-2007-0417, CVE-2007-0418, CVE-2007-0419, CVE-2007-0420, CVE-2007-0421, CVE-2007-0422, CVE-2007-0424, CVE-2007-0425 (Links to External Site)

Updated: May 19 2008

Original Entry Date: Jan 17 2007

Impact: Denial of service via network, Disclosure of authentication information, Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, User access via network

Version(s): 9.2 and prior versions

Description: Several vulnerabilities were reported in WebLogic. A remote user can gain administrative privileges. A remote user can cause denial of service conditions. A remote user can obtain sensitive information.

A remote user can send specially crafted data to trigger a buffer overflow and execute arbitrary code on the target system.

A remote user can send specially crafted data to cause the target service to crash.

A remote user can obtain potentially sensitive information, such as MBeam passwords, various attributes, application files, user request data, and other information.

The specific BEA advisory numbers and descriptions are provided:

BEA07-136.00: JDBCDataSourceFactory MBean password field not encrypted

BEA07-137.00: Incorrect thread management may lead to server unavailability.

BEA07-138.00: Problem with certificate validation on WebLogic web service clients

BEA07-139.00: Application files are exposed when deploying via .ear or exploded .ear files.

BEA07-140.00: Sensitive attributes may be stored in clear-text after offline configuration

BEA07-141.00: Socket muxer threads may block when processing error pages under load.

BEA07-142.00: Dynamic updates to applications deployed as exploded jars may result in incorrect access checking

BEA07-143.00: WS-Security runtime fails to enforce decryption certificate

BEA07-144.00: Some EJB calls can be unintentionally executed with administrative privileges when using WebLogic Server 6.1 compatibility realm

BEA07-145.00: Permissions on EJB methods with array parameters may not be enforced

BEA07-146.00: Denial-of-service vulnerability in the proxy plug-in for Apache web server.

BEA07-147.00: Malformed HTTP requests may reveal data from previous requests

BEA07-148.00: Malformed headers may cause high disk consumption

BEA07-149.00: Security policy changes may not be seen by managed server.

BEA07-150.00: A Denial of Service attack is possible against a WebLogic Server running on Solaris 9

BEA07-152.00: Multiple vulnerabilities in WebLogic Server proxy plug-in for Netscape Enterprise Server

BEA07-155.00: An overflow condition may occur in products using BEA JRockit

Impact: A remote user can execute arbitrary code on the target system.

A remote user can gain access to the system.

A remote user can cause denial of service conditions.

A remote user can obtain sensitive information.

Cause: Access control error, Boundary error, Exception handling error, State error

Underlying OS: Linux (Red Hat Enterprise), Linux (SuSE), UNIX (AIX), UNIX (HP/UX), UNIX (Solaris - SunOS), Windows (NT), Windows (2000), Windows (2003)

Message History: None.

Source Message Contents


[Original Message Not Available for Viewing]

Go to the Top of This SecurityTracker Archive Page

Home | View Topics | Search | Contact Us
This web site uses cookies for web analytics. Learn More
Copyright 2020, SecurityGlobal.net LLC