Title: BEA Weblogic Proxy Multiple Buffer Overflow Vulnerabilities
Severity: HIGH
Description:
BEA Systems Inc.'s Weblogic Server provides facilities for integrating it with third-party web servers. This is accomplished by a plug-in that allows the third-party web server to proxy requests to the Weblogic Server. As described in BEA's documentation, plug-ins are supported for Netscape Enterprise Server, IIS and Apache in the form of dynamically loadable libraries.
These web servers can be configured to redirect requests for servlets and JSP files to a Weblogic server running on the same host or on a different one. Several buffer overflows in the plug-ins provided with BEA Weblogic Server allow a remote attacker to execute arbitrary code on the system running the proxying web server. The net result is remote execution of arbitrary code as the user running the proxying server (generally root on UNIX systems and SYSTEM on Windows NT).
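The advisory names the defect class (fixed-size buffers in a proxy plug-in overrun by attacker-controlled request data) without giving the affected code. The following is an added illustration written for this page, not BEA's plug-in code and not a reconstruction of the actual flaw: a hypothetical helper that builds the backend URL for a request being forwarded to Weblogic, first in the unsafe form (unbounded copy into a stack buffer) and then in a hardened form that validates the length and fails closed. The buffer size, the backend host name and the function names are assumptions; port 7001 is the conventional WebLogic listen port but is likewise only an assumption here.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical proxy plug-in helper, added for illustration; not BEA's
 * code. URI_MAX, the backend host and the function names are assumed. */
#define URI_MAX      256
#define BACKEND_HOST "weblogic-backend.example"   /* assumed backend host */
#define BACKEND_PORT 7001                         /* assumed WebLogic listen port */

/* Unsafe pattern: the client-supplied URI is copied into a fixed-size
 * stack buffer with no length check, so a URI of URI_MAX bytes or more
 * overruns 'uri'. This is the defect class the advisory describes; it is
 * shown only for contrast and must never be fed untrusted input. */
void build_backend_url_unsafe(const char *request_uri, char *out)
{
    char uri[URI_MAX];
    strcpy(uri, request_uri);                     /* no bound check */
    sprintf(out, "http://%s:%d%s", BACKEND_HOST, BACKEND_PORT, uri);
}

/* Hardened version: validate before copying and fail closed.
 * Returns 0 on success, -1 when the request is rejected. */
int build_backend_url(const char *request_uri, char *out, size_t out_len)
{
    size_t n = strlen(request_uri);

    if (n == 0 || n >= URI_MAX)                   /* reject; never truncate silently */
        return -1;
    if (request_uri[0] != '/')                    /* proxied request paths are absolute */
        return -1;

    int w = snprintf(out, out_len, "http://%s:%d%s",
                     BACKEND_HOST, BACKEND_PORT, request_uri);
    if (w < 0 || (size_t)w >= out_len)            /* output buffer would not fit it */
        return -1;
    return 0;
}

int main(void)
{
    char out[512];
    char oversized[URI_MAX + 64];

    /* Constructed inputs: one ordinary JSP request and one oversized URI
     * that the unsafe helper would overflow on and the hardened one rejects. */
    const char *normal = "/shop/catalog.jsp";
    memset(oversized, 'A', sizeof oversized - 1);
    oversized[0] = '/';
    oversized[sizeof oversized - 1] = '\0';

    printf("normal:    %d\n", build_backend_url(normal, out, sizeof out));
    printf("url:       %s\n", out);
    printf("oversized: %d\n", build_backend_url(oversized, out, sizeof out));
    return 0;
}
```

The hardened helper rejects rather than truncates: a silently shortened path would forward a request the administrator never configured, so refusing the request and logging it at the proxy is the safer failure mode. The same length-before-copy discipline applies to every other request field the plug-in reads (headers, query strings, cookies), not just the path.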
Affected Products:
- BEA Systems Weblogic Server 3.1.8
- BEA Systems Weblogic Server 4.0.0x
- BEA Systems Weblogic Server 4.5.0x
- BEA Systems Weblogic Server 5.1.0x
References:
- BEA Systems: BEA WebLogic Server Security Alerts
- BEA Systems: WebLogic Server JSP Configuration
- BEA Systems: Weblogic
- CORE: CORE SDI Homepage
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.