SecurityTracker.com Archives - BEA WebLogic Bug Lets Applications Remove EJB Objects Without Permission

	Keep Track of the Latest Vulnerabilities with SecurityTracker!

Home | View Topics | Search | Contact Us | Help |

SecurityTracker
Archives

Welcome to SecurityTracker!

Click to Sign Up

Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary

Instant Alerts

Buy our Premium Vulnerability Notification Service to receive customized, instant alerts

Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!

Become a Partner and License Our Database or Notification Service

Report a Bug

Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com

Sign Up!

Category: Application (Web Server/CGI) > WebLogic

Vendors: BEA Systems

BEA WebLogic Bug Lets Applications Remove EJB Objects Without Permission

SecurityTracker Alert ID: 1009897

CVE Reference: GENERIC-MAP-NOMATCH (Links to External Site)

Date: Apr 21 2004

Impact: Denial of service via network, Modification of system information, Modification of user information

Fix Available: Yes Vendor Confirmed: Yes

Version(s): Prior to 8.1 SP2, 7.0 SP4, and 6.1 SP6

Description: A vulnerability was reported in BEA WebLogic Server and Express. A remote authenticated user can write an application that will be able to remove arbitrary EJB objects.

BEA Systems reported that an application can call the remove() method of a stateful EJB with a remote view to remove the object, regardless of whether the application has permisions to remove the object.

An exception is thrown, but the system should perform this before unexporting the bean, the report said.

The vendor indicates that the threat level is "Low" but the severity is "High".

The original advisory is available at:

http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA04_57.00.jsp

Impact: A remote authenticated user with privileges to write an application can delete EBJ objects, causing denial of service conditions.

Solution: For WebLogic Server and WebLogic Express version 8.1, upgrade to 8.1 SP2 and install the patch:

ftp://ftpna.beasys.com/pub/releases/security/CR134122_810sp2.jar

For WebLogic Server and WebLogic Express version 7.0, upgrade to 7.0 SP5.

For WebLogic Server and WebLogic Express version 6.1, upgrade to 6.1 SP6 and apply the following patch:

ftp://ftpna.beasys.com/pub/releases/security/CR134122_610sp6.jar

Version 8.1 SP3 and 6.1 SP7 will reportedly include the fix.

Vendor URL: dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA04_57.00.jsp (Links to External Site)

Cause: Access control error

Underlying OS: Linux (Any), UNIX (AIX), UNIX (HP/UX), UNIX (Solaris - SunOS), UNIX (Tru64), Windows (NT), Windows (2000)

Message History: None.

Source Message Contents

 

[Original Message Not Available for Viewing]

Go to the Top of This SecurityTracker Archive Page

Home | View Topics | Search | Contact Us | Help
Copyright 2004, SecurityGlobal.net LLC