SecurityTracker.com
Category:  Application (Web Server/CGI)  >  WebLogic
Vendors:  BEA Systems
BEA WebLogic May Disclose Managed Server Password to Local Users
SecurityTracker Alert ID:  1008869
SecurityTracker URL:  http://securitytracker.com/id?1008869
CVE Reference:  GENERIC-MAP-NOMATCH
Updated:  Mar 29 2005
Original Entry Date:  Jan 27 2004
Impact:  Disclosure of authentication information
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): 8.1 (SP2 and prior), 7.0 (SP5 and prior), 6.1 (SP6 and prior)
Description:  A vulnerability was reported in BEA's WebLogic Server and Express. The system may write the username and password used to start a managed server to a file in clear text.

This behavior may occur when the node manager attempts to start a managed server but the managed server fails early in the boot process. Customers that use the managed server node manager are affected.

Impact:  A local user may be able to view the managed server password.
Solution:  In January 2004, BEA issued fixes (described in BEA04-51.00). In March 2005, BEA issued a revised fix for version 7.0 (described in BEA05-51.01, which supersedes BEA04-51.00).

The latest fixes are listed below.

For WebLogic Server and Express 8.1, upgrade to Service Pack 2 and apply the following patch:

ftp://ftpna.beasys.com/pub/releases/security/CR127930_81sp2.zip

The patch will be included in Service Pack 3.


For WebLogic Server and Express 7.0, upgrade to Service Pack 5 and apply the patch:

ftp://ftpna.beasys.com/pub/releases/security/CR127930_70sp5.zip

The fix will be included in Service Pack 6.


For WebLogic Server and Express 6.1, upgrade to Service Pack 6 and apply the patch:

ftp://ftpna.beasys.com/pub/releases/security/CR127930_61sp6.zip

The patch will be included within Service Pack 7.
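
Files written before the patch was applied may still hold the boot credentials, so a host audit is a useful follow-up. The script below is an added example, not code from BEA or from this advisory: it walks a directory, finds lines that look like stored credentials, and reports whether each file is readable by accounts other than its owner, without printing the secret. The property names and the key=value pattern are assumptions (the advisory does not name the file or its format), and the mode-bit check applies to POSIX hosts only.

```python
import os
import re
import stat
import sys

# Assumption: credentials appear as WebLogic boot properties or key=value pairs.
# The advisory does not name the file or its format; adjust the pattern to your logs.
CRED_RE = re.compile(
    rb"(weblogic\.management\.(?:username|password)|\bpassword)\s*[=:]\s*(\S+)",
    re.IGNORECASE,
)

def scan_tree(root, max_bytes=5 * 1024 * 1024):
    """Return findings for regular files under root that hold credential-like text."""
    findings = []
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)
                if not stat.S_ISREG(st.st_mode) or st.st_size > max_bytes:
                    continue  # skip symlinks, devices and oversized files
                with open(path, "rb") as fh:
                    data = fh.read()
            except OSError:
                continue  # unreadable by the auditing account
            for lineno, line in enumerate(data.splitlines(), 1):
                m = CRED_RE.search(line)
                if m:
                    findings.append({
                        "path": path,
                        "line": lineno,
                        "key": m.group(1).decode("ascii", "replace"),
                        # POSIX mode bits: readable by group or other accounts
                        "exposed": bool(st.st_mode & (stat.S_IRGRP | stat.S_IROTH)),
                        "mode": oct(stat.S_IMODE(st.st_mode)),
                    })
    return findings

def main(argv):
    root = argv[1] if len(argv) > 1 else "."
    for f in scan_tree(root):
        flag = "EXPOSED" if f["exposed"] else "owner-only"
        # The matched value is never printed, so the report itself leaks nothing.
        print(f'{f["path"]}:{f["line"]} {f["key"]} mode={f["mode"]} {flag}')
    return 0

if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Any password found this way should be treated as disclosed and changed after the file is removed or its permissions are tightened.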

Vendor URL:  dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA05_51.01.jsp
Cause:  Access control error, Exception handling error
Underlying OS:  Linux (Any), UNIX (AIX), UNIX (HP/UX), UNIX (Solaris - SunOS), UNIX (Tru64), Windows (NT), Windows (2000)

Message History:   None.


 Source Message Contents

Date:  Tue, 27 Jan 2004 01:31:46 -0500
Subject:  http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA04_51.00.jsp

 

http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA04_51.00.jsp

 > SECURITY ADVISORY (BEA04-51.00)

 > Minor Subject: Patches available to protect password


A vulnerability was reported in BEA's WebLogic Server and Express.  The system may write 
the username and password used to start a managed server to a file.  The vendor reports 
that this may occur when the node manager attempts to start a managed server but the 
managed server fails early in the boot process.  Customers that use the managed server 
node manager are affected.

The following versions of WebLogic Server and Express are affected:

     * WebLogic Server and Express 8.1, released through Service Pack 2, on all platforms
     * WebLogic Server and Express 7.0, released through Service Pack 4, on all platforms
     * WebLogic Server and Express 6.1, released through Service Pack 6, on all platforms


BEA has issued fixes.

- For WebLogic Server and Express 8.1, upgrade to Service Pack 2 and apply the following 
patch:

ftp://ftpna.beasys.com/pub/releases/security/CR127930_81sp2.zip

The patch will be included in Service Pack 3.


- For WebLogic Server and Express 7.0, upgrade to Service Pack 4 and apply the patch:

ftp://ftpna.beasys.com/pub/releases/security/CR127930_70sp4.zip

The fix will be included in Service Pack 5.


- For WebLogic Server and Express 6.1, upgrade to Service Pack 6 and apply the patch:

ftp://ftpna.beasys.com/pub/releases/security/CR127930_61sp6.zip

The patch will be included within Service Pack 7.


--

 > Threat level: Low - to be exploited, an attacker must be on a machine that is running a
 > managed server and must be able to time their attack with boot errors in the managed
 > server.
 > Severity: High - the attacker can gain access to an Operator or Admin password.


 



Copyright 2005, SecurityGlobal.net LLC