|
Oracle WebLogic Server Apache Connector Buffer Overflow Vulnerability
|
|
Secunia Advisory:
|
SA31146
|
|
|
Release Date:
|
2008-07-21
|
|
Last Update:
|
2008-08-08
|
|
Popularity:
|
5,306 views
|
|
|
Critical:
|
Highly critical
|
|
Impact:
|
DoS
System access
|
|
Where:
|
From remote
|
|
Solution Status:
|
Vendor Patch
|
|
| Software: | BEA WebLogic Server 10.x
BEA WebLogic Server 6.x
BEA WebLogic Server 7.x
BEA WebLogic Server 8.x
BEA WebLogic Server 9.x
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities 
|
|
| CVE reference: | CVE-2008-3257
|
|
Description:
KingCope has reported a vulnerability in Oracle WebLogic Server (formerly Bea WebLogic Server), which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
The vulnerability is caused due to a boundary error within the Apache connector (mod_weblogic) and can be exploited to cause a stack-based buffer overflow via an overly long, specially crafted POST request.
Successful exploitation may allow execution of arbitrary code.
The vulnerability affects Apache Plug-ins dated prior to July 28 2008 and on the following WebLogic Server versions:
* WebLogic Server 10.0 released through Maintenance Pack 1, on all platforms
* WebLogic Server 9.2 released through Maintenance Pack 3, on all platforms
* WebLogic Server 9.1 on all platforms
* WebLogic Server 9.0 on all platforms
* WebLogic Server 8.1 released through Service Pack 6, on all platforms
* WebLogic Server 7.0 released through Service Pack 7 on all platforms
* WebLogic Server 6.1 released through Service Pack 7 on all platforms
Solution:
Install the latest web server plug-in or update to version 10.3 (please see updated BEA advisory for details).
ftp://anonymous:dev2dev%40bea.com@ftp...ebServerPlugins1.0.1136334-Apache.zip
Provided and/or discovered by:
KingCope
Changelog:
2008-07-28: Added CVE reference.
2008-07-29: Updated advisory based on additional information from Oracle. Updated "Solution" section. Removed version 5.x in affected software versions. Added links to Oracle in "Original Advisory" section.
2008-07-30: Added US-CERT link.
2008-08-08: Updated "Solution" section based on updated BEA advisory.
Original Advisory:
Oracle:
http://www.oracle.com/technology/deploy/security/alerts/alert_cve2008-3257.html
https://support.bea.com/application_c...portlets/securityadvisories/2793.html
http://milw0rm.com/exploits/6089
Other References:
US-CERT VU#716387:
http://www.kb.cert.org/vuls/id/716387
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
