APP: Oracle WebLogic Server Apache-Commons-FileUpload Library Insecure Deserialization

This signature detects attempts to exploit a known vulnerability against Oracle WebLogic Server. Successful exploitation can result in arbitrary file upload.

Extended Description

The DiskFileItem class in Apache Commons FileUpload, as used in Red Hat JBoss BRMS 5.3.1; JBoss Portal 4.3 CP07, 5.2.2, and 6.0.0; and Red Hat JBoss Web Server 1.0.2 allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance.

Affected Products

Red Hat OpenShift

References

CVE: CVE-2013-2186

Short Name
APP:ORACLE:WEBLOGIC-FILE-UPLOAD
Severity
Major
Recommended
True
Recommended Action
Drop
Category
APP
Keywords
Apache-Commons-FileUpload CVE-2013-2186 Deserialization Insecure Library Oracle Server WebLogic
Release Date
08/18/2016
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3

Sigpack Version
3761
Port
TCP/7001
False Positive
Unknown
Vendors
Red Hat
Ubuntu

CVSS Score
7.5
