|
|
BEA WebLogic远程低权限管理功能访问漏洞
发布时间:2003-03-28
更新时间:2003-03-28
严重程度:高
威胁程度:远程管理员权限
错误类型:设计错误
利用方式:服务器模式
BUGTRAQ ID:7124
受影响系统BEA Systems WebLogic Express 6.0 SP 2
-HP HP-UX 11i
-HP HP-UX 11.0
-IBM AIX 4.3.3
-Microsoft Windows 2000 Advanced Server
-Microsoft Windows 2000 Advanced Server SP1
-Microsoft Windows 2000 Advanced Server SP2
-Microsoft Windows 2000 Datacenter Server
-Microsoft Windows 2000 Datacenter Server SP1
-Microsoft Windows 2000 Datacenter Server SP2
-Microsoft Windows 2000 Professional
-Microsoft Windows 2000 Professional SP1
-Microsoft Windows 2000 Professional SP2
-Microsoft Windows 2000 Server
-Microsoft Windows 2000 Server SP1
-Microsoft Windows 2000 Server SP2
-Microsoft Windows NT Enterprise Server 4.0
-Microsoft Windows NT Enterprise Server 4.0 SP1
-Microsoft Windows NT Enterprise Server 4.0 SP2
-Microsoft Windows NT Enterprise Server 4.0 SP3
-Microsoft Windows NT Enterprise Server 4.0 SP4
-Microsoft Windows NT Enterprise Server 4.0 SP5
-Microsoft Windows NT Enterprise Server 4.0 SP6
-Microsoft Windows NT Enterprise Server 4.0 SP6a
-Microsoft Windows NT Server 4.0
-Microsoft Windows NT Server 4.0 SP1
-Microsoft Windows NT Server 4.0 SP2
-Microsoft Windows NT Server 4.0 SP3
-Microsoft Windows NT Server 4.0 SP4
-Microsoft Windows NT Server 4.0 SP5
-Microsoft Windows NT Server 4.0 SP6
-Microsoft Windows NT Server 4.0 SP6a
-Microsoft Windows NT Workstation 4.0
-Microsoft Windows NT Workstation 4.0 SP1
-Microsoft Windows NT Workstation 4.0 SP2
-Microsoft Windows NT Workstation 4.0 SP3
-Microsoft Windows NT Workstation 4.0 SP4
-Microsoft Windows NT Workstation 4.0 SP5
-Microsoft Windows NT Workstation 4.0 SP6
-Microsoft Windows NT Workstation 4.0 SP6a
-RedHat Linux 6.2 i386
-RedHat Linux 7.1 i386
-Sun Solaris 2.6
-Sun Solaris 2.7
-Sun Solaris 8.0
BEA Systems WebLogic Express 6.0 SP 1
-HP HP-UX 11i
-HP HP-UX 11.0
-IBM AIX 4.3.3
-Microsoft Windows 2000 Advanced Server
-Microsoft Windows 2000 Advanced Server SP1
-Microsoft Windows 2000 Advanced Server SP2
-Microsoft Windows 2000 Datacenter Server
-Microsoft Windows 2000 Datacenter Server SP1
-Microsoft Windows 2000 Datacenter Server SP2
-Microsoft Windows 2000 Professional
-Microsoft Windows 2000 Professional SP1
-Microsoft Windows 2000 Professional SP2
-Microsoft Windows 2000 Server
-Microsoft Windows 2000 Server SP1
-Microsoft Windows 2000 Server SP2
-Microsoft Windows NT Enterprise Server 4.0
-Microsoft Windows NT Enterprise Server 4.0 SP1
-Microsoft Windows NT Enterprise Server 4.0 SP2
-Microsoft Windows NT Enterprise Server 4.0 SP3
-Microsoft Windows NT Enterprise Server 4.0 SP4
-Microsoft Windows NT Enterprise Server 4.0 SP5
-Microsoft Windows NT Enterprise Server 4.0 SP6
-Microsoft Windows NT Enterprise Server 4.0 SP6a
-Microsoft Windows NT Server 4.0
-Microsoft Windows NT Server 4.0 SP1
-Microsoft Windows NT Server 4.0 SP2
-Microsoft Windows NT Server 4.0 SP3
-Microsoft Windows NT Server 4.0 SP4
-Microsoft Windows NT Server 4.0 SP5
-Microsoft Windows NT Server 4.0 SP6
-Microsoft Windows NT Server 4.0 SP6a
-Microsoft Windows NT Workstation 4.0
-Microsoft Windows NT Workstation 4.0 SP1
-Microsoft Windows NT Workstation 4.0 SP2
-Microsoft Windows NT Workstation 4.0 SP3
-Microsoft Windows NT Workstation 4.0 SP4
-Microsoft Windows NT Workstation 4.0 SP5
-Microsoft Windows NT Workstation 4.0 SP6
-Microsoft Windows NT Workstation 4.0 SP6a
-RedHat Linux 6.2 i386
-RedHat Linux 7.1 i386
-Sun Solaris 2.6
-Sun Solaris 2.7
-Sun Solaris 8.0
BEA Systems WebLogic Express 6.0
-HP HP-UX 11i
-HP HP-UX 11.0
-IBM AIX 4.3.3
-Microsoft Windows 2000 Advanced Server
-Microsoft Windows 2000 Advanced Server SP1
-Microsoft Windows 2000 Advanced Server SP2
-Microsoft Windows 2000 Datacenter Server
-Microsoft Windows 2000 Datacenter Server SP1
-Microsoft Windows 2000 Datacenter Server SP2
-Microsoft Windows 2000 Professional
-Microsoft Windows 2000 Professional SP1
-Microsoft Windows 2000 Professional SP2
-Microsoft Windows 2000 Server
-Microsoft Windows 2000 Server SP1
-Microsoft Windows 2000 Server SP2
-Microsoft Windows NT Enterprise Server 4.0
-Microsoft Windows NT Enterprise Server 4.0 SP1
-Microsoft Windows NT Enterprise Server 4.0 SP2
-Microsoft Windows NT Enterprise Server 4.0 SP3
-Microsoft Windows NT Enterprise Server 4.0 SP4
-Microsoft Windows NT Enterprise Server 4.0 SP5
-Microsoft Windows NT Enterprise Server 4.0 SP6
-Microsoft Windows NT Enterprise Server 4.0 SP6a
-Microsoft Windows NT Server 4.0
-Microsoft Windows NT Server 4.0 SP1
-Microsoft Windows NT Server 4.0 SP2
-Microsoft Windows NT Server 4.0 SP3
-Microsoft Windows NT Server 4.0 SP4
-Microsoft Windows NT Server 4.0 SP5
-Microsoft Windows NT Server 4.0 SP6
-Microsoft Windows NT Server 4.0 SP6a
-Microsoft Windows NT Workstation 4.0
-Microsoft Windows NT Workstation 4.0 SP1
-Microsoft Windows NT Workstation 4.0 SP2
-Microsoft Windows NT Workstation 4.0 SP3
-Microsoft Windows NT Workstation 4.0 SP4
-Microsoft Windows NT Workstation 4.0 SP5
-Microsoft Windows NT Workstation 4.0 SP6
-Microsoft Windows NT Workstation 4.0 SP6a
-RedHat Linux 6.2 i386
-RedHat Linux 7.1 i386
-Sun Solaris 2.6
-Sun Solaris 2.7
-Sun Solaris 8.0
BEA Systems WebLogic Express 6.1 SP 4
BEA Systems WebLogic Express 6.1 SP 3
-HP HP-UX 11i
-HP HP-UX 11.0
-IBM AIX 4.3.3
-Microsoft Windows 2000 Advanced Server
-Microsoft Windows 2000 Advanced Server SP1
-Microsoft Windows 2000 Advanced Server SP2
-Microsoft Windows 2000 Datacenter Server
-Microsoft Windows 2000 Datacenter Server SP1
-Microsoft Windows 2000 Datacenter Server SP2
-Microsoft Windows 2000 Professional
-Microsoft Windows 2000 Professional SP1
-Microsoft Windows 2000 Professional SP2
-Microsoft Windows 2000 Server
-Microsoft Windows 2000 Server SP1
-Microsoft Windows 2000 Server SP2
-Microsoft Windows NT Enterprise Server 4.0
-Microsoft Windows NT Enterprise Server 4.0 SP1
-Microsoft Windows NT Enterprise Server 4.0 SP2
-Microsoft Windows NT Enterprise Server 4.0 SP3
-Microsoft Windows NT Enterprise Server 4.0 SP4
-Microsoft Windows NT Enterprise Server 4.0 SP5
-Microsoft Windows NT Enterprise Server 4.0 SP6
-Microsoft Windows NT Enterprise Server 4.0 SP6a
-Microsoft Windows NT Server 4.0
-Microsoft Windows NT Server 4.0 SP1
-Microsoft Windows NT Server 4.0 SP2
-Microsoft Windows NT Server 4.0 SP3
-Microsoft Windows NT Server 4.0 SP4
-Microsoft Windows NT Server 4.0 SP5
-Microsoft Windows NT Server 4.0 SP6
-Microsoft Windows NT Server 4.0 SP6a
-Microsoft Windows NT Workstation 4.0
-Microsoft Windows NT Workstation 4.0 SP1
-Microsoft Windows NT Workstation 4.0 SP2
-Microsoft Windows NT Workstation 4.0 SP3
-Microsoft Windows NT Workstation 4.0 SP4
-Microsoft Windows NT Workstation 4.0 SP5
-Microsoft Windows NT Workstation 4.0 SP6
-Microsoft Windows NT Workstation 4.0 SP6a
-RedHat Linux 6.2 i386
-RedHat Linux 7.1 i386
-Sun Solaris 2.6
-Sun Solaris 2.7
-Sun Solaris 8.0
BEA Systems WebLogic Express 6.1 SP 2
-HP HP-UX 11i
-HP HP-UX 11.0
-IBM AIX 4.3.3
-Microsoft Windows 2000 Advanced Server
-Microsoft Windows 2000 Advanced Server SP1
-Microsoft Windows 2000 Advanced Server SP2
-Microsoft Windows 2000 Datacenter Server
-Microsoft Windows 2000 Datacenter Server SP1
-Microsoft Windows 2000 Datacenter Server SP2
-Microsoft Windows 2000 Professional
-Microsoft Windows 2000 Professional SP1
-Microsoft Windows 2000 Professional SP2
-Microsoft Windows 2000 Server
-Microsoft Windows 2000 Server SP1
-Microsoft Windows 2000 Server SP2
-Microsoft Windows NT Enterprise Server 4.0
-Microsoft Windows NT Enterprise Server 4.0 SP1
-Microsoft Windows NT Enterprise Server 4.0 SP2
-Microsoft Windows NT Enterprise Server 4.0 SP3
-Microsoft Windows NT Enterprise Server 4.0 SP4
-Microsoft Windows NT Enterprise Server 4.0 SP5
-Microsoft Windows NT Enterprise Server 4.0 SP6
-Microsoft Windows NT Enterprise Server 4.0 SP6a
-Microsoft Windows NT Server 4.0
-Microsoft Windows NT Server 4.0 SP1
-Microsoft Windows NT Server 4.0 SP2
-Microsoft Windows NT Server 4.0 SP3
-Microsoft Windows NT Server 4.0 SP4
-Microsoft Windows NT Server 4.0 SP5
-Microsoft Windows NT Server 4.0 SP6
-Microsoft Windows NT Server 4.0 SP6a
-Microsoft Windows NT Workstation 4.0
-Microsoft Windows NT Workstation 4.0 SP1
-Microsoft Windows NT Workstation 4.0 SP2
-Microsoft Windows NT Workstation 4.0 SP3
-Microsoft Windows NT Workstation 4.0 SP4
-Microsoft Windows NT Workstation 4.0 SP5
-Microsoft Windows NT Workstation 4.0 SP6
-Microsoft Windows NT Workstation 4.0 SP6a
-RedHat Linux 6.2 i386
-RedHat Linux 7.1 i386
-Sun Solaris 2.6
-Sun Solaris 2.7
-Sun Solaris 8.0
BEA Systems WebLogic Express 6.1 SP 1
-HP HP-UX 11i
-HP HP-UX 11.0
-IBM AIX 4.3.3
-Microsoft Windows 2000 Advanced Server
-Microsoft Windows 2000 Advanced Server SP1
-Microsoft Windows 2000 Advanced Server SP2
-Microsoft Windows 2000 Datacenter Server
-Microsoft Windows 2000 Datacenter Server SP1
-Microsoft Windows 2000 Datacenter Server SP2
-Microsoft Windows 2000 Professional
-Microsoft Windows 2000 Professional SP1
-Microsoft Windows 2000 Professional SP2
-Microsoft Windows 2000 Server
-Microsoft Windows 2000 Server SP1
-Microsoft Windows 2000 Server SP2
-Microsoft Windows NT Enterprise Server 4.0
-Microsoft Windows NT Enterprise Server 4.0 SP1
-Microsoft Windows NT Enterprise Server 4.0 SP2
-Microsoft Windows NT Enterprise Server 4.0 SP3
-Microsoft Windows NT Enterprise Server 4.0 SP4
-Microsoft Windows NT Enterprise Server 4.0 SP5
-Microsoft Windows NT Enterprise Server 4.0 SP6
-Microsoft Windows NT Enterprise Server 4.0 SP6a
-Microsoft Windows NT Server 4.0
-Microsoft Windows NT Server 4.0 SP1
-Microsoft Windows NT Server 4.0 SP2
-Microsoft Windows NT Server 4.0 SP3
-Microsoft Windows NT Server 4.0 SP4
-Microsoft Windows NT Server 4.0 SP5
-Microsoft Windows NT Server 4.0 SP6
-Microsoft Windows NT Server 4.0 SP6a
-Microsoft Windows NT Workstation 4.0
-Microsoft Windows NT Workstation 4.0 SP1
-Microsoft Windows NT Workstation 4.0 SP2
-Microsoft Windows NT Workstation 4.0 SP3
-Microsoft Windows NT Workstation 4.0 SP4
-Microsoft Windows NT Workstation 4.0 SP5
-Microsoft Windows NT Workstation 4.0 SP6
-Microsoft Windows NT Workstation 4.0 SP6a
-RedHat Linux 6.2 i386
-RedHat Linux 7.1 i386
-Sun Solaris 2.6
-Sun Solaris 2.7
-Sun Solaris 8.0
BEA Systems WebLogic Express 6.1
-HP HP-UX 11i
-HP HP-UX 11.0
-IBM AIX 4.3.3
-Microsoft Windows 2000 Advanced Server
-Microsoft Windows 2000 Advanced Server SP1
-Microsoft Windows 2000 Advanced Server SP2
-Microsoft Windows 2000 Datacenter Server
-Microsoft Windows 2000 Datacenter Server SP1
-Microsoft Windows 2000 Datacenter Server SP2
-Microsoft Windows 2000 Professional
-Microsoft Windows 2000 Professional SP1
-Microsoft Windows 2000 Professional SP2
-Microsoft Windows 2000 Server
-Microsoft Windows 2000 Server SP1
-Microsoft Windows 2000 Server SP2
-Microsoft Windows NT Enterprise Server 4.0
-Microsoft Windows NT Enterprise Server 4.0 SP1
-Microsoft Windows NT Enterprise Server 4.0 SP2
-Microsoft Windows NT Enterprise Server 4.0 SP3
-Microsoft Windows NT Enterprise Server 4.0 SP4
-Microsoft Windows NT Enterprise Server 4.0 SP5
-Microsoft Windows NT Enterprise Server 4.0 SP6
-Microsoft Windows NT Enterprise Server 4.0 SP6a
-Microsoft Windows NT Server 4.0
-Microsoft Windows NT Server 4.0 SP1
-Microsoft Windows NT Server 4.0 SP2
-Microsoft Windows NT Server 4.0 SP3
-Microsoft Windows NT Server 4.0 SP4
-Microsoft Windows NT Server 4.0 SP5
-Microsoft Windows NT Server 4.0 SP6
-Microsoft Windows NT Server 4.0 SP6a
-Microsoft Windows NT Workstation 4.0
-Microsoft Windows NT Workstation 4.0 SP1
-Microsoft Windows NT Workstation 4.0 SP2
-Microsoft Windows NT Workstation 4.0 SP3
-Microsoft Windows NT Workstation 4.0 SP4
-Microsoft Windows NT Workstation 4.0 SP5
-Microsoft Windows NT Workstation 4.0 SP6
-Microsoft Windows NT Workstation 4.0 SP6a
-RedHat Linux 6.2 i386
-RedHat Linux 7.1 i386
-Sun Solaris 2.6
-Sun Solaris 2.7
-Sun Solaris 8.0
BEA Systems WebLogic Express 7.0 .0.1 SP 2
BEA Systems WebLogic Express 7.0 .0.1 SP 1
BEA Systems WebLogic Express 7.0 .0.1
BEA Systems WebLogic Express 7.0 SP 2
BEA Systems WebLogic Express 7.0 SP 1
BEA Systems WebLogic Express 7.0
-HP HP-UX 11i
-HP HP-UX 11.0
-IBM AIX 4.3.3
-Microsoft Windows 2000 Advanced Server
-Microsoft Windows 2000 Advanced Server SP1
-Microsoft Windows 2000 Advanced Server SP2
-Microsoft Windows 2000 Datacenter Server
-Microsoft Windows 2000 Datacenter Server SP1
-Microsoft Windows 2000 Datacenter Server SP2
-Microsoft Windows 2000 Professional
-Microsoft Windows 2000 Professional SP1
-Microsoft Windows 2000 Professional SP2
-Microsoft Windows 2000 Server
-Microsoft Windows 2000 Server SP1
-Microsoft Windows 2000 Server SP2
-Microsoft Windows NT Enterprise Server 4.0 SP4
-Microsoft Windows NT Enterprise Server 4.0 SP5
-Microsoft Windows NT Enterprise Server 4.0 SP6
-Microsoft Windows NT Enterprise Server 4.0 SP6a
-Microsoft Windows NT Server 4.0 SP4
-Microsoft Windows NT Server 4.0 SP5
-Microsoft Windows NT Server 4.0 SP6
-Microsoft Windows NT Server 4.0 SP6a
-RedHat Linux 6.2 i386
-RedHat Linux 7.1 i386
-Sun Solaris 2.6 sparc
-Sun Solaris 2.7 sparc
-Sun Solaris 8.0
BEA Systems Weblogic Server 6.0 SP 2
-HP HP-UX 10.20
-HP HP-UX 11.0
-IBM AIX 4.2
-IBM AIX 4.3
-Microsoft Windows 2000 Advanced Server
-Microsoft Windows 2000 Advanced Server SP1
-Microsoft Windows 2000 Advanced Server SP2
-Microsoft Windows 2000 Datacenter Server
-Microsoft Windows 2000 Datacenter Server SP1
-Microsoft Windows 2000 Datacenter Server SP2
-Microsoft Windows 2000 Professional
-Microsoft Windows 2000 Professional SP1
-Microsoft Windows 2000 Professional SP2
-Microsoft Windows 2000 Server
-Microsoft Windows 2000 Server SP1
-Microsoft Windows 2000 Server SP2
-Microsoft Windows NT Enterprise Server 4.0
-Microsoft Windows NT Enterprise Server 4.0 SP1
-Microsoft Windows NT Enterprise Server 4.0 SP2
-Microsoft Windows NT Enterprise Server 4.0 SP3
-Microsoft Windows NT Enterprise Server 4.0 SP4
-Microsoft Windows NT Enterprise Server 4.0 SP5
-Microsoft Windows NT Enterprise Server 4.0 SP6
-Microsoft Windows NT Enterprise Server 4.0 SP6a
-Microsoft Windows NT Server 4.0
-Microsoft Windows NT Server 4.0 SP1
-Microsoft Windows NT Server 4.0 SP2
-Microsoft Windows NT Server 4.0 SP3
-Microsoft Windows NT Server 4.0 SP4
-Microsoft Windows NT Server 4.0 SP5
-Microsoft Windows NT Server 4.0 SP6
-Microsoft Windows NT Server 4.0 SP6a
-Microsoft Windows NT Workstation 4.0
-Microsoft Windows NT Workstation 4.0 SP1
-Microsoft Windows NT Workstation 4.0 SP2
-Microsoft Windows NT Workstation 4.0 SP3
-Microsoft Windows NT Workstation 4.0 SP4
-Microsoft Windows NT Workstation 4.0 SP5
-Microsoft Windows NT Workstation 4.0 SP6
-Microsoft Windows NT Workstation 4.0 SP6a
-RedHat Linux 5.1
-Sun Solaris 8.0
BEA Systems Weblogic Server 6.0 SP 1
-HP HP-UX 10.20
-HP HP-UX 11.0
-IBM AIX 4.2
-IBM AIX 4.3
-Microsoft Windows 2000 Advanced Server
-Microsoft Windows 2000 Advanced Server SP1
-Microsoft Windows 2000 Advanced Server SP2
-Microsoft Windows 2000 Datacenter Server
-Microsoft Windows 2000 Datacenter Server SP1
-Microsoft Windows 2000 Datacenter Server SP2
-Microsoft Windows 2000 Professional
-Microsoft Windows 2000 Professional SP1
-Microsoft Windows 2000 Professional SP2
-Microsoft Windows 2000 Server
-Microsoft Windows 2000 Server SP1
-Microsoft Windows 2000 Server SP2
-Microsoft Windows NT Enterprise Server 4.0
-Microsoft Windows NT Enterprise Server 4.0 SP1
-Microsoft Windows NT Enterprise Server 4.0 SP2
-Microsoft Windows NT Enterprise Server 4.0 SP3
-Microsoft Windows NT Enterprise Server 4.0 SP4
-Microsoft Windows NT Enterprise Server 4.0 SP5
-Microsoft Windows NT Enterprise Server 4.0 SP6
-Microsoft Windows NT Enterprise Server 4.0 SP6a
-Microsoft Windows NT Server 4.0
-Microsoft Windows NT Server 4.0 SP1
-Microsoft Windows NT Server 4.0 SP2
-Microsoft Windows NT Server 4.0 SP3
-Microsoft Windows NT Server 4.0 SP4
-Microsoft Windows NT Server 4.0 SP5
-Microsoft Windows NT Server 4.0 SP6
-Microsoft Windows NT Server 4.0 SP6a
-Microsoft Windows NT Workstation 4.0
-Microsoft Windows NT Workstation 4.0 SP1
-Microsoft Windows NT Workstation 4.0 SP2
-Microsoft Windows NT Workstation 4.0 SP3
-Microsoft Windows NT Workstation 4.0 SP4
-Microsoft Windows NT Workstation 4.0 SP5
-Microsoft Windows NT Workstation 4.0 SP6
-Microsoft Windows NT Workstation 4.0 SP6a
-RedHat Linux 5.1
-Sun Solaris 8.0
BEA Systems Weblogic Server 6.0
-Apache Software Foundation Apache 1.3.9
-Apache Software Foundation Apache 1.3.9 win32
-Apache Software Foundation Apache 1.3.12
-C2Net StrongHold Web Server 3.0
-HP HP-UX 10.20
-HP HP-UX 11.0
-IBM AIX 4.2
-IBM AIX 4.3
-Microsoft IIS 4.0
-Microsoft IIS 5.0
-Microsoft Windows 2000 Workstation
-Microsoft Windows 98
-Microsoft Windows NT 4.0
-RedHat Linux 5.1
-Sun Solaris 8.0
BEA Systems Weblogic Server 6.1 SP 4
BEA Systems Weblogic Server 6.1 SP 3
-HP HP-UX 11i
-HP HP-UX 11.0
-IBM AIX 4.3.3
-Microsoft Windows 2000 Advanced Server
-Microsoft Windows 2000 Advanced Server SP1
-Microsoft Windows 2000 Advanced Server SP2
-Microsoft Windows 2000 Datacenter Server
-Microsoft Windows 2000 Datacenter Server SP1
-Microsoft Windows 2000 Datacenter Server SP2
-Microsoft Windows 2000 Professional
-Microsoft Windows 2000 Professional SP1
-Microsoft Windows 2000 Professional SP2
-Microsoft Windows 2000 Server
-Microsoft Windows 2000 Server SP1
-Microsoft Windows 2000 Server SP2
-Microsoft Windows NT Enterprise Server 4.0 SP4
-Microsoft Windows NT Enterprise Server 4.0 SP5
-Microsoft Windows NT Enterprise Server 4.0 SP6
-Microsoft Windows NT Enterprise Server 4.0 SP6a
-Microsoft Windows NT Server 4.0 SP4
-Microsoft Windows NT Server 4.0 SP5
-Microsoft Windows NT Server 4.0 SP6
-Microsoft Windows NT Server 4.0 SP6a
-RedHat Linux 6.2 i386
-RedHat Linux 7.1 i386
-Sun Solaris 2.6 sparc
-Sun Solaris 2.7 sparc
-Sun Solaris 8.0
BEA Systems Weblogic Server 6.1 SP 2
-HP HP-UX 11i
-HP HP-UX 11.0
-IBM AIX 4.3.3
-Microsoft Windows 2000 Advanced Server
-Microsoft Windows 2000 Advanced Server SP1
-Microsoft Windows 2000 Advanced Server SP2
-Microsoft Windows 2000 Professional
-Microsoft Windows 2000 Professional SP1
-Microsoft Windows 2000 Professional SP2
-Microsoft Windows 2000 Server
-Microsoft Windows 2000 Server SP1
-Microsoft Windows 2000 Server SP2
-Microsoft Windows NT 4.0 SP4
-Microsoft Windows NT 4.0 SP5
-Microsoft Windows NT 4.0 SP6
-Microsoft Windows NT 4.0 SP6a
-RedHat Linux 6.2 i386
-RedHat Linux 7.1 i386
-Sun Solaris 2.6 sparc
-Sun Solaris 2.7 sparc
-Sun Solaris 8.0
BEA Systems Weblogic Server 6.1 SP 1
-HP HP-UX 11i
-HP HP-UX 11.0
-IBM AIX 4.3.3
-Microsoft Windows 2000 Advanced Server
-Microsoft Windows 2000 Advanced Server SP1
-Microsoft Windows 2000 Advanced Server SP2
-Microsoft Windows 2000 Professional
-Microsoft Windows 2000 Professional SP1
-Microsoft Windows 2000 Professional SP2
-Microsoft Windows 2000 Server
-Microsoft Windows 2000 Server SP1
-Microsoft Windows 2000 Server SP2
-Microsoft Windows NT 4.0 SP4
-Microsoft Windows NT 4.0 SP5
-Microsoft Windows NT 4.0 SP6
-Microsoft Windows NT 4.0 SP6a
-RedHat Linux 6.2 i386
-RedHat Linux 7.1 i386
-Sun Solaris 2.6 sparc
-Sun Solaris 2.7 sparc
-Sun Solaris 8.0
BEA Systems Weblogic Server 6.1
-HP HP-UX 11i
-HP HP-UX 11.0
-IBM AIX 4.3.3
-Microsoft Windows 2000 Advanced Server
-Microsoft Windows 2000 Advanced Server SP1
-Microsoft Windows 2000 Advanced Server SP2
-Microsoft Windows 2000 Professional
-Microsoft Windows 2000 Professional SP1
-Microsoft Windows 2000 Professional SP2
-Microsoft Windows 2000 Server
-Microsoft Windows 2000 Server SP1
-Microsoft Windows 2000 Server SP2
-Microsoft Windows NT 4.0 SP4
-Microsoft Windows NT 4.0 SP5
-Microsoft Windows NT 4.0 SP6
-Microsoft Windows NT 4.0 SP6a
-RedHat Linux 6.2 i386
-RedHat Linux 7.1 i386
-Sun Solaris 2.6 sparc
-Sun Solaris 2.7 sparc
-Sun Solaris 8.0
BEA Systems Weblogic Server 7.0 .0.1 SP 2
BEA Systems Weblogic Server 7.0 .0.1 SP 1
BEA Systems Weblogic Server 7.0 .0.1
BEA Systems Weblogic Server 7.0 SP 2
BEA Systems Weblogic Server 7.0 SP 1
BEA Systems Weblogic Server 7.0
-HP HP-UX 11i
-HP HP-UX 11.0
-IBM AIX 4.3.3
-Microsoft Windows 2000 Advanced Server
-Microsoft Windows 2000 Advanced Server SP1
-Microsoft Windows 2000 Advanced Server SP2
-Microsoft Windows 2000 Datacenter Server
-Microsoft Windows 2000 Datacenter Server SP1
-Microsoft Windows 2000 Datacenter Server SP2
-Microsoft Windows 2000 Professional
-Microsoft Windows 2000 Professional SP1
-Microsoft Windows 2000 Professional SP2
-Microsoft Windows 2000 Server
-Microsoft Windows 2000 Server SP1
-Microsoft Windows 2000 Server SP2
-Microsoft Windows NT Enterprise Server 4.0 SP4
-Microsoft Windows NT Enterprise Server 4.0 SP5
-Microsoft Windows NT Enterprise Server 4.0 SP6
-Microsoft Windows NT Enterprise Server 4.0 SP6a
-Microsoft Windows NT Server 4.0 SP4
-Microsoft Windows NT Server 4.0 SP5
-Microsoft Windows NT Server 4.0 SP6
-Microsoft Windows NT Server 4.0 SP6a
-Microsoft Windows NT Workstation 4.0 SP4
-Microsoft Windows NT Workstation 4.0 SP5
-Microsoft Windows NT Workstation 4.0 SP6
-Microsoft Windows NT Workstation 4.0 SP6a
-RedHat Linux 6.2 i386
-RedHat Linux 7.1 i386
-Sun Solaris 2.6 sparc
-Sun Solaris 2.7 sparc
-Sun Solaris 8.0 详细描述
BEA WebLogic实现上存在几个未文档化的应用程序,在通常情况下用于服务器之间的数据传递并支持应用的分发。在某些情况下,低权限的用户可以利用这些应用程序获取服务器下层系统和应用的访问权限。
解决方案
厂商已经提供了补丁以修复此漏洞:
BEA Systems Weblogic Server 6.0 SP 2:
BEA Systems Patch CR096950_60sp2rp3.zip
ftp://ftpna.beasys.com/pub/releases/security/CR096950_60sp2rp3.zip
WebLogic Server and Express 6.0 Service Pack 2 Rolling Patch 3 for Windows.
BEA Systems WebLogic Express 6.0 SP 2:
BEA Systems Patch CR096950_60sp2rp3.zip
ftp://ftpna.beasys.com/pub/releases/security/CR096950_60sp2rp3.zip
WebLogic Server and Express 6.0 Service Pack 2 Rolling Patch 3 for Windows.
BEA Systems Weblogic Server 6.0 SP 1:
BEA Systems WebLogic Express 6.0 SP 1:
BEA Systems Weblogic Server 6.0:
BEA Systems WebLogic Express 6.0:
BEA Systems WebLogic Express 6.1 SP 4:
BEA Systems Patch CR096950_61sp4.zip
ftp://ftpna.beasys.com/pub/releases/security/CR096950_61sp4.zip
WebLogic Server and Express 6.1 Service Pack 4 patch for Windows.
BEA Systems Weblogic Server 6.1 SP 4:
BEA Systems Patch CR096950_61sp4.zip
ftp://ftpna.beasys.com/pub/releases/security/CR096950_61sp4.zip
WebLogic Server and Express 6.1 Service Pack 4 patch for Windows.
BEA Systems WebLogic Express 6.1 SP 3:
BEA Systems Weblogic Server 6.1 SP 3:
BEA Systems Weblogic Server 6.1 SP 2:
BEA Systems WebLogic Express 6.1 SP 2:
BEA Systems WebLogic Express 6.1 SP 1:
BEA Systems Weblogic Server 6.1 SP 1:
BEA Systems Weblogic Server 6.1:
BEA Systems WebLogic Express 6.1:
BEA Systems Weblogic Server 7.0 .0.1 SP 2:
BEA Systems Patch CR096950_70sp2.zip
ftp://ftpna.beasys.com/pub/releases/security/CR096950_70sp2.zip
WebLogic Server and Express 7.0/7.0.0.1 Service Pack 2 patch for
Windows.
BEA Systems WebLogic Express 7.0 .0.1 SP 2:
BEA Systems Patch CR096950_70sp2.zip
ftp://ftpna.beasys.com/pub/releases/security/CR096950_70sp2.zip
WebLogic Server and Express 7.0/7.0.0.1 Service Pack 2 patch for
Windows.
BEA Systems WebLogic Express 7.0 .0.1 SP 1:
BEA Systems Weblogic Server 7.0 .0.1 SP 1:
BEA Systems WebLogic Express 7.0 .0.1:
BEA Systems Weblogic Server 7.0 .0.1:
BEA Systems WebLogic Express 7.0 SP 2:
BEA Systems Patch CR096950_70sp2.zip
ftp://ftpna.beasys.com/pub/releases/security/CR096950_70sp2.zip
WebLogic Server and Express 7.0/7.0.0.1 Service Pack 2 patch for
Windows.
BEA Systems Weblogic Server 7.0 SP 2:
BEA Systems Patch CR096950_70sp2.zip
ftp://ftpna.beasys.com/pub/releases/security/CR096950_70sp2.zip
相关信息
SPI ADVISORY: Remote Administration of BEA WebLogic Server and Express
http://archives.neohapsis.com/archives/bugtraq/2003-03/0238.html
|
