Description
Stack-based buffer overflow in the Apache Connector (mod_wl) in Oracle WebLogic Server (formerly BEA WebLogic Server) 10.3 and earlier allows remote attackers to execute arbitrary code via a long HTTP version string, as demonstrated by a string after "POST /.jsp" in an HTTP request.
Affected products
- bea / weblogic_server3.1.8 β 3.1.8
- bea / weblogic_server4.0 β 4.0
- bea / weblogic_server4.0.4 β 4.0.4
- bea / weblogic_server4.5 β 4.5
- bea / weblogic_server4.5.1 β 4.5.1
- bea / weblogic_server4.5.1 β 4.5.1
- bea / weblogic_server4.5.2 β 4.5.2
- bea / weblogic_server4.5.2 β 4.5.2
- bea / weblogic_server4.5.2 β 4.5.2
- bea / weblogic_server5.1 β 5.1
- bea / weblogic_server5.1 β 5.1
- bea / weblogic_server5.1 β 5.1
- bea / weblogic_server5.1 β 5.1
- bea / weblogic_server5.1 β 5.1
- bea / weblogic_server5.1 β 5.1
- bea / weblogic_server5.1 β 5.1
- bea / weblogic_server5.1 β 5.1
- bea / weblogic_server5.1 β 5.1
- bea / weblogic_server5.1 β 5.1
- bea / weblogic_server5.1 β 5.1
- bea / weblogic_server5.1 β 5.1
- bea / weblogic_server5.1 β 5.1
- bea / weblogic_server5.1 β 5.1
- bea / weblogic_server6.0 β 6.0
- bea / weblogic_server6.0 β 6.0
- bea / weblogic_server6.0 β 6.0
- bea / weblogic_server6.0 β 6.0
- bea / weblogic_server6.1 β 6.1
- bea / weblogic_server6.1 β 6.1
- bea / weblogic_server6.1 β 6.1
- bea / weblogic_server6.1 β 6.1
- bea / weblogic_server6.1 β 6.1
- bea / weblogic_server6.1 β 6.1
- bea / weblogic_server6.1 β 6.1
- bea / weblogic_server6.1 β 6.1
- bea / weblogic_server6.1 β 6.1
- bea / weblogic_server7.0 β 7.0
- bea / weblogic_server7.0 β 7.0
- bea / weblogic_server7.0 β 7.0
- bea / weblogic_server7.0 β 7.0
- bea / weblogic_server7.0 β 7.0
- bea / weblogic_server7.0 β 7.0
- bea / weblogic_server7.0 β 7.0
- bea / weblogic_server7.0 β 7.0
- bea / weblogic_server7.0.0.1 β 7.0.0.1
- bea / weblogic_server7.0.0.1 β 7.0.0.1
- bea / weblogic_server7.0.0.1 β 7.0.0.1
- bea / weblogic_server7.0.0.1 β 7.0.0.1
- bea / weblogic_server7.0.0.1 β 7.0.0.1
- bea / weblogic_server8.1 β 8.1
- bea / weblogic_server8.1 β 8.1
- bea / weblogic_server8.1 β 8.1
- bea / weblogic_server8.1 β 8.1
- bea / weblogic_server8.1 β 8.1
- bea / weblogic_server8.1 β 8.1
- bea / weblogic_server8.1 β 8.1
- bea / weblogic_server9.0 β 9.0
- bea / weblogic_server9.0 β 9.0
- bea / weblogic_server9.0 β 9.0
- bea / weblogic_server9.0 β 9.0
- bea / weblogic_server9.0 β 9.0
- bea / weblogic_server9.0 β 9.0
- bea / weblogic_server9.0 β 9.0
- bea / weblogic_server9.1 β 9.1
- bea / weblogic_server9.1 β 9.1
- bea / weblogic_server9.2 β 9.2
- bea / weblogic_server9.2 β 9.2
- bea / weblogic_server9.2 β 9.2
- bea / weblogic_server10.0 β 10.0
- bea_systems / apache_connector_in_weblogic_server
- bea_systems / weblogic_server10.0_mp1 β 10.0_mp1
- oracle / weblogic_server10.3
References
- MISChttp://www.attrition.org/pipermail/vim/2008-July/002035.html
- MISChttp://www.attrition.org/pipermail/vim/2008-July/002036.html
- EXPLOIThttps://www.exploit-db.com/exploits/6089
- VENDOR_ADVISORYhttp://www.oracle.com/technology/deploy/security/alerts/alert_cve2008-3257.html
- VENDOR_ADVISORYhttps://support.bea.com/application_content/product_portlets/securityadvisories/2793.html
- VENDOR_ADVISORYhttp://secunia.com/advisories/31146
- MISChttp://www.securityfocus.com/bid/30273
- VENDOR_ADVISORYhttp://blogs.oracle.com/security/2008/07/security_alert_for_cve-2008-3257_released.html
- MISChttp://www.securitytracker.com/id?1020520
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/43885
- MISChttp://www.kb.cert.org/vuls/id/716387
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2008/2145/references