SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |    Help    |   

SecurityTracker
Archives


Welcome to SecurityTracker!
 
Click to Sign Up
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com
Sign Up!





Category:  Application (Web Server/CGI)  >  WebLogic Vendors:  BEA Systems
BEA WebLogic May Disclose MBean Passwords to Operators in Certain Cases
SecurityTracker Alert ID:  1008867
CVE Reference:  GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Jan 27 2004
Impact:  Disclosure of authentication information, User access via network
Fix Available:  Yes   Vendor Confirmed:  Yes  
Version(s): 8.1 (including SP1)
Description:  A vulnerability was reported in BEA WebLogic Server and Express. An authenticated Operator may be able to gain access to passwords that can, in turn, allow the user to gain administrative access on the application.

It is reported that a user in the Operator role that is not also in the Admin role may (incorrectly) have access to certain sensitive MBean attributes containing passwords, including the ServerStartMBean.Password and the NodeManagerMBean.CertificatePassword.

With those passwords, the user can gain full administrative control of the server, according to the vendor.

This vulnerability affects sites with users who are in the Operator role and not in the Admin role, the report said.
Impact:  An authenticated Operator can gain administrative access to the application.
Solution:  The vendor has released a fix (Service Pack 2) for WebLogic Server and Express 8.1.
Vendor URL:  dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA04_49.00.jsp (Links to External Site)
Cause:  Access control error
Underlying OS:  Linux (Any), UNIX (AIX), UNIX (HP/UX), UNIX (Solaris - SunOS), UNIX (Tru64), Windows (NT), Windows (2000)

Message History:   None.

 Source Message Contents
Date:  Tue, 27 Jan 2004 01:20:53 -0500
Subject:  http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA04_49.00.jsp

 

http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA04_49.00.jsp

 > SECURITY ADVISORY (BEA04-49.00)

 > Minor Subject: Upgrade available to protect Administrative permissions

A vulnerability was reported in BEA WebLogic Server and Express.  A user in the Operator 
role that is not also in the Admin role may (incorrectly) have access to certain sensitive 
MBean attributes containing passwords, including the ServerStartMBean.Password and the 
NodeManagerMBean.CertificatePassword.

With those passwords, the user can gain full administrative control of the server.

This vulnerability affects sites with users who are in the Operator role and not in the 
Admin role.

Version 8.1 is affected, including Service Pack 1.

The vendor has released a fix (Service Pack 2) for WebLogic Server and Express 8.1.


 > Threat level: Low - Only an Operator can exploit it.
 > Severity: High - The user can acquire some administrative permissions.


Go to the Top of This SecurityTracker Archive Page



Home   |    View Topics   |    Search   |    Contact Us   |    Help

Copyright 2004, SecurityGlobal.net LLC