This script is Copyright (C) 2008-2012 Tenable Network Security, Inc.
The remote web server uses a module that is affected by a buffer
The Apache web server running on the remote host includes a version of
the WebLogic plug-in for Apache (mod_wl) that is affected by a buffer
overflow. This is an Apache module included with Oracle (formerly BEA)
WebLogic Server and used to proxy requests from an Apache HTTP server
to WebLogic. A remote attacker can leverage this issue to execute
arbitrary code on the remote host.
Note that Nessus has not tried to exploit this issue but rather has
only checked the affected module's build timestamp. As a result, it
will not detect if the remote implements one of the workarounds
published by Oracle in its advisory. Still, it should be noted that
the vendor strongly recommends updating the plug-in.
Install the latest web server plug-in as described in the vendor
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 7.8
Public Exploit Available : true