Category:   Application (Web Server/CGI)  >   Oracle WebLogic
Vendors:   BEA Systems
WebLogic Bugs Let Remote Users Gain Access, Obtain Information, and Deny Service
SecurityTracker Alert ID:  1017525
SecurityTracker URL:
CVE Reference:   CVE-2007-0409, CVE-2007-0410, CVE-2007-0411, CVE-2007-0412, CVE-2007-0413, CVE-2007-0414, CVE-2007-0415, CVE-2007-0416, CVE-2007-0417, CVE-2007-0418, CVE-2007-0419, CVE-2007-0420, CVE-2007-0421, CVE-2007-0422, CVE-2007-0424, CVE-2007-0425
Updated:  May 19 2008
Original Entry Date:  Jan 17 2007
Impact:   Denial of service via network, Disclosure of authentication information, Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, User access via network

Version(s): 9.2 and prior versions
Description:   Several vulnerabilities were reported in WebLogic. A remote user can gain administrative privileges. A remote user can cause denial of service conditions. A remote user can obtain sensitive information.

A remote user can send specially crafted data to trigger a buffer overflow and execute arbitrary code on the target system.

A remote user can send specially crafted data to cause the target service to crash.

A remote user can obtain potentially sensitive information, such as MBean passwords, various attributes, application files, user request data, and other information.

The specific BEA advisory numbers and descriptions are provided:

BEA07-136.00: JDBCDataSourceFactory MBean password field not encrypted

BEA07-137.00: Incorrect thread management may lead to server unavailability.

BEA07-138.00: Problem with certificate validation on WebLogic web service clients

BEA07-139.00: Application files are exposed when deploying via .ear or exploded .ear files.

BEA07-140.00: Sensitive attributes may be stored in clear-text after offline configuration

BEA07-141.00: Socket muxer threads may block when processing error pages under load.

BEA07-142.00: Dynamic updates to applications deployed as exploded jars may result in incorrect access checking

BEA07-143.00: WS-Security runtime fails to enforce decryption certificate

BEA07-144.00: Some EJB calls can be unintentionally executed with administrative privileges when using WebLogic Server 6.1 compatibility realm

BEA07-145.00: Permissions on EJB methods with array parameters may not be enforced

BEA07-146.00: Denial-of-service vulnerability in the proxy plug-in for Apache web server.

BEA07-147.00: Malformed HTTP requests may reveal data from previous requests

BEA07-148.00: Malformed headers may cause high disk consumption

BEA07-149.00: Security policy changes may not be seen by managed server.

BEA07-150.00: A Denial of Service attack is possible against a WebLogic Server running on Solaris 9

BEA07-152.00: Multiple vulnerabilities in WebLogic Server proxy plug-in for Netscape Enterprise Server

BEA07-155.00: An overflow condition may occur in products using BEA JRockit

Impact:   A remote user can execute arbitrary code on the target system.

A remote user can gain access to the system.

A remote user can cause denial of service conditions.

A remote user can obtain sensitive information.

Solution:   The vendor has issued several, separate fixes.

The original advisories are available at:

Cause:   Access control error, Boundary error, Exception handling error, State error
Underlying OS:  Linux (Red Hat Enterprise), Linux (SuSE), UNIX (AIX), UNIX (HP/UX), UNIX (Solaris - SunOS), Windows (NT), Windows (2000), Windows (2003)

Message History:   None.

Source Message Contents

[Original Message Not Available for Viewing]

