Oracle WebLogic Server Plug-in Remote Overflow (1166189)

critical Nessus Plugin ID 35374

Synopsis

The remote web server uses a module that is affected by a buffer overflow vulnerability.

Description

The remote web server is using the WebLogic plug-in for Apache, IIS, or Sun web servers, a module included with Oracle (formerly BEA) WebLogic Server and used to proxy requests from an HTTP server to WebLogic.

The version of this plug-in on the remote host is affected by an as-yet unspecified buffer overflow that is triggered when processing a specially crafted request. An unauthenticated, remote attacker can leverage this issue to execute arbitrary code on the remote host.

Note that Nessus has not tried to exploit this issue but rather has only checked the affected plug-in's change number / build timestamp.

Solution

Install the latest web server plug-in as described in the vendor advisory above.

See Also

http://www.nessus.org/u?2b7fdf57

https://securitytracker.com/id?1021571

Plugin Details

Severity: Critical

ID: 35374

File Name: weblogic_plug_in_1166189.nasl

Version: 1.25

Type: remote

Family: Web Servers

Published: 1/15/2009

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:oracle:weblogic_server

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Available: true

Exploit Ease: Exploits are available

Exploited by Nessus: true

Exploitable With

Core Impact

Metasploit (BEA WebLogic JSESSIONID Cookie Value Overflow)

Elliot (Oracle Secure Backup 10.2.0.2 RCE (Windows))

Reference Information

CVE: CVE-2008-5457

BID: 33177

Secunia: 33526