|
|
BEA WebLogic内部Servlet输入验证漏洞
发布时间:2003-03-28
更新时间:2003-03-28
严重程度:高
威胁程度:普通用户访问权限
错误类型:输入验证错误
利用方式:服务器模式
BUGTRAQ ID:7122
受影响系统BEA Systems Weblogic Server 6.0 SP 2
-HP HP-UX 10.20
-HP HP-UX 11.0
-IBM AIX 4.2
-IBM AIX 4.3
-Microsoft Windows 2000 Advanced Server
-Microsoft Windows 2000 Advanced Server SP1
-Microsoft Windows 2000 Advanced Server SP2
-Microsoft Windows 2000 Datacenter Server
-Microsoft Windows 2000 Datacenter Server SP1
-Microsoft Windows 2000 Datacenter Server SP2
-Microsoft Windows 2000 Professional
-Microsoft Windows 2000 Professional SP1
-Microsoft Windows 2000 Professional SP2
-Microsoft Windows 2000 Server
-Microsoft Windows 2000 Server SP1
-Microsoft Windows 2000 Server SP2
-Microsoft Windows NT Enterprise Server 4.0
-Microsoft Windows NT Enterprise Server 4.0 SP1
-Microsoft Windows NT Enterprise Server 4.0 SP2
-Microsoft Windows NT Enterprise Server 4.0 SP3
-Microsoft Windows NT Enterprise Server 4.0 SP4
-Microsoft Windows NT Enterprise Server 4.0 SP5
-Microsoft Windows NT Enterprise Server 4.0 SP6
-Microsoft Windows NT Enterprise Server 4.0 SP6a
-Microsoft Windows NT Server 4.0
-Microsoft Windows NT Server 4.0 SP1
-Microsoft Windows NT Server 4.0 SP2
-Microsoft Windows NT Server 4.0 SP3
-Microsoft Windows NT Server 4.0 SP4
-Microsoft Windows NT Server 4.0 SP5
-Microsoft Windows NT Server 4.0 SP6
-Microsoft Windows NT Server 4.0 SP6a
-Microsoft Windows NT Workstation 4.0
-Microsoft Windows NT Workstation 4.0 SP1
-Microsoft Windows NT Workstation 4.0 SP2
-Microsoft Windows NT Workstation 4.0 SP3
-Microsoft Windows NT Workstation 4.0 SP4
-Microsoft Windows NT Workstation 4.0 SP5
-Microsoft Windows NT Workstation 4.0 SP6
-Microsoft Windows NT Workstation 4.0 SP6a
-RedHat Linux 5.1
-Sun Solaris 8.0
BEA Systems Weblogic Server 6.0 SP 1
-HP HP-UX 10.20
-HP HP-UX 11.0
-IBM AIX 4.2
-IBM AIX 4.3
-Microsoft Windows 2000 Advanced Server
-Microsoft Windows 2000 Advanced Server SP1
-Microsoft Windows 2000 Advanced Server SP2
-Microsoft Windows 2000 Datacenter Server
-Microsoft Windows 2000 Datacenter Server SP1
-Microsoft Windows 2000 Datacenter Server SP2
-Microsoft Windows 2000 Professional
-Microsoft Windows 2000 Professional SP1
-Microsoft Windows 2000 Professional SP2
-Microsoft Windows 2000 Server
-Microsoft Windows 2000 Server SP1
-Microsoft Windows 2000 Server SP2
-Microsoft Windows NT Enterprise Server 4.0
-Microsoft Windows NT Enterprise Server 4.0 SP1
-Microsoft Windows NT Enterprise Server 4.0 SP2
-Microsoft Windows NT Enterprise Server 4.0 SP3
-Microsoft Windows NT Enterprise Server 4.0 SP4
-Microsoft Windows NT Enterprise Server 4.0 SP5
-Microsoft Windows NT Enterprise Server 4.0 SP6
-Microsoft Windows NT Enterprise Server 4.0 SP6a
-Microsoft Windows NT Server 4.0
-Microsoft Windows NT Server 4.0 SP1
-Microsoft Windows NT Server 4.0 SP2
-Microsoft Windows NT Server 4.0 SP3
-Microsoft Windows NT Server 4.0 SP4
-Microsoft Windows NT Server 4.0 SP5
-Microsoft Windows NT Server 4.0 SP6
-Microsoft Windows NT Server 4.0 SP6a
-Microsoft Windows NT Workstation 4.0
-Microsoft Windows NT Workstation 4.0 SP1
-Microsoft Windows NT Workstation 4.0 SP2
-Microsoft Windows NT Workstation 4.0 SP3
-Microsoft Windows NT Workstation 4.0 SP4
-Microsoft Windows NT Workstation 4.0 SP5
-Microsoft Windows NT Workstation 4.0 SP6
-Microsoft Windows NT Workstation 4.0 SP6a
-RedHat Linux 5.1
-Sun Solaris 8.0
BEA Systems Weblogic Server 6.0
-Apache Software Foundation Apache 1.3.9
-Apache Software Foundation Apache 1.3.9 win32
-Apache Software Foundation Apache 1.3.12
-C2Net StrongHold Web Server 3.0
-HP HP-UX 10.20
-HP HP-UX 11.0
-IBM AIX 4.2
-IBM AIX 4.3
-Microsoft IIS 4.0
-Microsoft IIS 5.0
-Microsoft Windows 2000 Workstation
-Microsoft Windows 98
-Microsoft Windows NT 4.0
-RedHat Linux 5.1
-Sun Solaris 8.0
BEA Systems Weblogic Server 6.1 SP 4
BEA Systems Weblogic Server 6.1 SP 3
-HP HP-UX 11i
-HP HP-UX 11.0
-IBM AIX 4.3.3
-Microsoft Windows 2000 Advanced Server
-Microsoft Windows 2000 Advanced Server SP1
-Microsoft Windows 2000 Advanced Server SP2
-Microsoft Windows 2000 Datacenter Server
-Microsoft Windows 2000 Datacenter Server SP1
-Microsoft Windows 2000 Datacenter Server SP2
-Microsoft Windows 2000 Professional
-Microsoft Windows 2000 Professional SP1
-Microsoft Windows 2000 Professional SP2
-Microsoft Windows 2000 Server
-Microsoft Windows 2000 Server SP1
-Microsoft Windows 2000 Server SP2
-Microsoft Windows NT Enterprise Server 4.0 SP4
-Microsoft Windows NT Enterprise Server 4.0 SP5
-Microsoft Windows NT Enterprise Server 4.0 SP6
-Microsoft Windows NT Enterprise Server 4.0 SP6a
-Microsoft Windows NT Server 4.0 SP4
-Microsoft Windows NT Server 4.0 SP5
-Microsoft Windows NT Server 4.0 SP6
-Microsoft Windows NT Server 4.0 SP6a
-RedHat Linux 6.2 i386
-RedHat Linux 7.1 i386
-Sun Solaris 2.6 sparc
-Sun Solaris 2.7 sparc
-Sun Solaris 8.0
BEA Systems Weblogic Server 6.1 SP 2
-HP HP-UX 11i
-HP HP-UX 11.0
-IBM AIX 4.3.3
-Microsoft Windows 2000 Advanced Server
-Microsoft Windows 2000 Advanced Server SP1
-Microsoft Windows 2000 Advanced Server SP2
-Microsoft Windows 2000 Professional
-Microsoft Windows 2000 Professional SP1
-Microsoft Windows 2000 Professional SP2
-Microsoft Windows 2000 Server
-Microsoft Windows 2000 Server SP1
-Microsoft Windows 2000 Server SP2
-Microsoft Windows NT 4.0 SP4
-Microsoft Windows NT 4.0 SP5
-Microsoft Windows NT 4.0 SP6
-Microsoft Windows NT 4.0 SP6a
-RedHat Linux 6.2 i386
-RedHat Linux 7.1 i386
-Sun Solaris 2.6 sparc
-Sun Solaris 2.7 sparc
-Sun Solaris 8.0
BEA Systems Weblogic Server 6.1 SP 1
-HP HP-UX 11i
-HP HP-UX 11.0
-IBM AIX 4.3.3
-Microsoft Windows 2000 Advanced Server
-Microsoft Windows 2000 Advanced Server SP1
-Microsoft Windows 2000 Advanced Server SP2
-Microsoft Windows 2000 Professional
-Microsoft Windows 2000 Professional SP1
-Microsoft Windows 2000 Professional SP2
-Microsoft Windows 2000 Server
-Microsoft Windows 2000 Server SP1
-Microsoft Windows 2000 Server SP2
-Microsoft Windows NT 4.0 SP4
-Microsoft Windows NT 4.0 SP5
-Microsoft Windows NT 4.0 SP6
-Microsoft Windows NT 4.0 SP6a
-RedHat Linux 6.2 i386
-RedHat Linux 7.1 i386
-Sun Solaris 2.6 sparc
-Sun Solaris 2.7 sparc
-Sun Solaris 8.0
BEA Systems Weblogic Server 6.1
-HP HP-UX 11i
-HP HP-UX 11.0
-IBM AIX 4.3.3
-Microsoft Windows 2000 Advanced Server
-Microsoft Windows 2000 Advanced Server SP1
-Microsoft Windows 2000 Advanced Server SP2
-Microsoft Windows 2000 Professional
-Microsoft Windows 2000 Professional SP1
-Microsoft Windows 2000 Professional SP2
-Microsoft Windows 2000 Server
-Microsoft Windows 2000 Server SP1
-Microsoft Windows 2000 Server SP2
-Microsoft Windows NT 4.0 SP4
-Microsoft Windows NT 4.0 SP5
-Microsoft Windows NT 4.0 SP6
-Microsoft Windows NT 4.0 SP6a
-RedHat Linux 6.2 i386
-RedHat Linux 7.1 i386
-Sun Solaris 2.6 sparc
-Sun Solaris 2.7 sparc
-Sun Solaris 8.0
BEA Systems Weblogic Server 7.0 SP 2
BEA Systems Weblogic Server 7.0 SP 1
BEA Systems Weblogic Server 7.0
-HP HP-UX 11i
-HP HP-UX 11.0
-IBM AIX 4.3.3
-Microsoft Windows 2000 Advanced Server
-Microsoft Windows 2000 Advanced Server SP1
-Microsoft Windows 2000 Advanced Server SP2
-Microsoft Windows 2000 Datacenter Server
-Microsoft Windows 2000 Datacenter Server SP1
-Microsoft Windows 2000 Datacenter Server SP2
-Microsoft Windows 2000 Professional
-Microsoft Windows 2000 Professional SP1
-Microsoft Windows 2000 Professional SP2
-Microsoft Windows 2000 Server
-Microsoft Windows 2000 Server SP1
-Microsoft Windows 2000 Server SP2
-Microsoft Windows NT Enterprise Server 4.0 SP4
-Microsoft Windows NT Enterprise Server 4.0 SP5
-Microsoft Windows NT Enterprise Server 4.0 SP6
-Microsoft Windows NT Enterprise Server 4.0 SP6a
-Microsoft Windows NT Server 4.0 SP4
-Microsoft Windows NT Server 4.0 SP5
-Microsoft Windows NT Server 4.0 SP6
-Microsoft Windows NT Server 4.0 SP6a
-Microsoft Windows NT Workstation 4.0 SP4
-Microsoft Windows NT Workstation 4.0 SP5
-Microsoft Windows NT Workstation 4.0 SP6
-Microsoft Windows NT Workstation 4.0 SP6a
-RedHat Linux 6.2 i386
-RedHat Linux 7.1 i386
-Sun Solaris 2.6 sparc
-Sun Solaris 2.7 sparc
-Sun Solaris 8.0 详细描述
WebLogic的Web管理界面使用的内部servlet存在一个输入验证漏洞, 远程攻击者可能利用这个内部servlet的漏洞上传恶意文件到服务器或获取文件中的敏感信息,更进一步将导致执行任意命令。BEA WebLogic Express可能也受此漏洞影响。
解决方案
临时解决方案是对管理界面端口做访问限制,只有可信用户才能访问。
厂商已经发布了补丁:
BEA Systems Weblogic Server 6.0 SP 2:
BEA Systems Patch CR096950_60sp2rp3.zip
ftp://ftpna.beasys.com/pub/releases/security/CR096950_60sp2rp3.zip
WebLogic Server and Express 6.0 Service Pack 2 Rolling Patch 3 for Windows.
BEA Systems Weblogic Server 6.0 SP 1:
BEA Systems Weblogic Server 6.0:
BEA Systems Weblogic Server 6.1 SP 4:
BEA Systems Patch CR096950_61sp4.zip
ftp://ftpna.beasys.com/pub/releases/security/CR096950_61sp4.zip
WebLogic Server and Express 6.1 Service Pack 4 patch for Windows.
BEA Systems Weblogic Server 6.1 SP 3:
BEA Systems Weblogic Server 6.1 SP 2:
BEA Systems Weblogic Server 6.1 SP 1:
BEA Systems Weblogic Server 6.1:
BEA Systems Weblogic Server 7.0 SP 2:
BEA Systems Patch CR096950_70sp2.zip
ftp://ftpna.beasys.com/pub/releases/security/CR096950_70sp2.zip
WebLogic Server and Express 7.0/7.0.0.1 Service Pack 2 patch for
Windows.
相关信息
"Lluis Mora" <llmora@s21sec.com>
S21SEC-011 - Multiple vulnerabilities in BEA WebLogic Server
http://archives.neohapsis.com/archives/bugtraq/2003-03/0246.html
|
