SkipNavigation
Home | FAQ | Contact | Privacy Policy
US-CERT
American Flag
  Vulnerability
Notes
Database

Search Vulnerability Notes

Vulnerability Notes Help Information


 
 View Notes By
  Name

ID Number

CVE Name

Date Public

Date Published

Date Updated

Severity Metric
 Other Documents
  Technical Alerts

Technical Bulletins

Alerts

Security Tips

Vulnerability Note VU#716387

Oracle Weblogic Apache connector vulnerable to buffer overflow

Overview

Oracle Weblogic (formerly BEA Weblogic) contains a vulnerability which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.

I. Description

Oracle Weblogic Server and Weblogic Express applicaiton servers can be integrated with the Apache webserver using the Weblogic Apache connector plugin (mod_wl). A buffer overflow exists in Weblogic Server and Weblogic Express due to the way that the Apache connector plugin handles specially crafted POST requests. According to Oracle Security Advisory for CVE-2008-3257:

    The following versions of WebLogic Server and WebLogic Express are affected by this vulnerability

    Apache Plug-ins dated prior to July 28 2008 which implies:

      • WebLogic Server 10.0 released through Maintenance Pack 1, on all platforms
      • WebLogic Server 9.2 released through Maintenance Pack 3, on all platforms
      • WebLogic Server 9.1 on all platforms
      • WebLogic Server 9.0 on all platforms
      • WebLogic Server 8.1 released through Service Pack 6, on all platforms
      • WebLogic Server 7.0 released through Service Pack 7 on all platforms
      • WebLogic Server 6.1 released through Service Pack 7 on all platforms

II. Impact

A remote, unauthenticated attacker may be able to execute arbitrary code.

III. Solution

Apply a patch

Patches have been released to address this issue. Refer to Oracle Security Advisory for CVE-2008-3257 for more information.
Reconfigure Apache

According to Oracle Security Advisory for CVE-2008-3257:

    It is possible to configure Apache and avert this vulnerability by rejecting certain invalid requests. To do so, add the following parameter to the httpd.conf file and restart Apache:

    LimitRequestLine 4000

Install the mod_security module

Oracle suggests installing the mod_security module, which is available in open source from http://www.modsecurity.org/.

More information about these workarounds is provided in Oracle Security Advisory for CVE-2008-3257.

Systems Affected
VendorStatusDate NotifiedDate Updated
Oracle CorporationVulnerable29-Jul-2008

References


https://support.bea.com/application_content/product_portlets/securityadvisories/2793.html
http://secunia.com/advisories/31146/
http://milw0rm.com/exploits/6089
http://www.modsecurity.org/

Credit

This vulnerabilty was reported by KingCope.

This document was written by Chris Taschner.

Other Information

Date Public:2008-07-21
Date First Published:2008-07-29
Date Last Updated:2008-08-06
CERT Advisory: 
CVE-ID(s):CVE-2008-3257
NVD-ID(s):CVE-2008-3257
US-CERT Technical Alerts: 
Metric:17.32
Document Revision:8

If you have feedback, comments, or additional information about this vulnerability, please send us email.
 

 
Page Corner Image
Produced 2008 by US-CERT, a government organization
Disclaimers and copyright information
Get Adobe Reader Get Adobe Reader