BEA WebLogic Multiple Vulnerabilities

Bugtraq ID:	17982
Class:	Unknown
CVE:
Remote:	Yes
Local:	Yes
Published:	May 15 2006 12:00AM
Updated:	Jan 17 2007 07:20PM
Credit:	These issues were disclosed by the vendor.
Vulnerable:	BEA Systems WebLogic Server for Win32 8.1 SP 5 BEA Systems WebLogic Server for Win32 8.1 SP 4 BEA Systems WebLogic Server for Win32 8.1 SP 3 BEA Systems WebLogic Server for Win32 8.1 SP 2 BEA Systems WebLogic Server for Win32 8.1 SP 1 BEA Systems WebLogic Server for Win32 8.1 BEA Systems WebLogic Server for Win32 7.0 .0.1 SP 2 BEA Systems WebLogic Server for Win32 7.0 .0.1 SP 1 BEA Systems WebLogic Server for Win32 7.0 .0.1 BEA Systems WebLogic Server for Win32 7.0 SP 6 BEA Systems WebLogic Server for Win32 7.0 SP 5 BEA Systems WebLogic Server for Win32 7.0 SP 4 BEA Systems WebLogic Server for Win32 7.0 SP 3 BEA Systems WebLogic Server for Win32 7.0 SP 2 BEA Systems WebLogic Server for Win32 7.0 SP 1 BEA Systems WebLogic Server for Win32 7.0 - Microsoft Windows 2000 Advanced Server SP2 - Microsoft Windows 2000 Advanced Server SP1 - Microsoft Windows 2000 Advanced Server - Microsoft Windows 2000 Datacenter Server SP2 - Microsoft Windows 2000 Datacenter Server SP1 - Microsoft Windows 2000 Datacenter Server - Microsoft Windows 2000 Professional SP2 - Microsoft Windows 2000 Professional SP1 - Microsoft Windows 2000 Professional - Microsoft Windows 2000 Server SP2 - Microsoft Windows 2000 Server SP1 - Microsoft Windows 2000 Server - Microsoft Windows 2000 Terminal Services SP2 - Microsoft Windows 2000 Terminal Services SP1 - Microsoft Windows 2000 Terminal Services - Microsoft Windows NT Enterprise Server 4.0 SP6a - Microsoft Windows NT Enterprise Server 4.0 SP6 - Microsoft Windows NT Enterprise Server 4.0 SP5 - Microsoft Windows NT Enterprise Server 4.0 SP4 - Microsoft Windows NT Enterprise Server 4.0 SP3 - Microsoft Windows NT Enterprise Server 4.0 SP2 - Microsoft Windows NT Enterprise Server 4.0 SP1 - Microsoft Windows NT Enterprise Server 4.0 - Microsoft Windows NT Server 4.0 SP6a - Microsoft Windows NT Server 4.0 SP6 - Microsoft Windows NT Server 4.0 SP5 - Microsoft Windows NT Server 4.0 SP4 - Microsoft Windows NT Server 4.0 SP3 - Microsoft Windows NT Server 4.0 SP2 - Microsoft Windows NT Server 4.0 SP1 - Microsoft Windows NT Server 4.0 - Microsoft Windows NT Terminal Server 4.0 SP6 - Microsoft Windows NT Terminal Server 4.0 SP5 - Microsoft Windows NT Terminal Server 4.0 SP4 - Microsoft Windows NT Terminal Server 4.0 SP3 - Microsoft Windows NT Terminal Server 4.0 SP2 - Microsoft Windows NT Terminal Server 4.0 SP1 - Microsoft Windows NT Terminal Server 4.0 - Microsoft Windows NT Workstation 4.0 SP6a - Microsoft Windows NT Workstation 4.0 SP6 - Microsoft Windows NT Workstation 4.0 SP5 - Microsoft Windows NT Workstation 4.0 SP4 - Microsoft Windows NT Workstation 4.0 SP3 - Microsoft Windows NT Workstation 4.0 SP2 - Microsoft Windows NT Workstation 4.0 SP1 - Microsoft Windows NT Workstation 4.0 BEA Systems WebLogic Server for Win32 6.1 SP 7 BEA Systems WebLogic Server for Win32 6.1 SP 6 BEA Systems WebLogic Server for Win32 6.1 SP 5 BEA Systems WebLogic Server for Win32 6.1 SP 4 BEA Systems WebLogic Server for Win32 6.1 SP 3 - Microsoft Windows 2000 Advanced Server SP2 - Microsoft Windows 2000 Advanced Server SP1 - Microsoft Windows 2000 Advanced Server - Microsoft Windows 2000 Datacenter Server SP2 - Microsoft Windows 2000 Datacenter Server SP1 - Microsoft Windows 2000 Datacenter Server - Microsoft Windows 2000 Professional SP2 - Microsoft Windows 2000 Professional SP1 - Microsoft Windows 2000 Professional - Microsoft Windows 2000 Server SP2 - Microsoft Windows 2000 Server SP1 - Microsoft Windows 2000 Server - Microsoft Windows 2000 Terminal Services SP2 - Microsoft Windows 2000 Terminal Services SP1 - Microsoft Windows 2000 Terminal Services - Microsoft Windows NT Enterprise Server 4.0 SP6a - Microsoft Windows NT Enterprise Server 4.0 SP6 - Microsoft Windows NT Enterprise Server 4.0 SP5 - Microsoft Windows NT Enterprise Server 4.0 SP4 - Microsoft Windows NT Enterprise Server 4.0 SP3 - Microsoft Windows NT Enterprise Server 4.0 SP2 - Microsoft Windows NT Enterprise Server 4.0 SP1 - Microsoft Windows NT Enterprise Server 4.0 - Microsoft Windows NT Server 4.0 SP6a - Microsoft Windows NT Server 4.0 SP6 - Microsoft Windows NT Server 4.0 SP5 - Microsoft Windows NT Server 4.0 SP4 - Microsoft Windows NT Server 4.0 SP3 - Microsoft Windows NT Server 4.0 SP2 - Microsoft Windows NT Server 4.0 SP1 - Microsoft Windows NT Server 4.0 - Microsoft Windows NT Terminal Server 4.0 SP6 - Microsoft Windows NT Terminal Server 4.0 SP5 - Microsoft Windows NT Terminal Server 4.0 SP4 - Microsoft Windows NT Terminal Server 4.0 SP3 - Microsoft Windows NT Terminal Server 4.0 SP2 - Microsoft Windows NT Terminal Server 4.0 SP1 - Microsoft Windows NT Terminal Server 4.0 - Microsoft Windows NT Workstation 4.0 SP6a - Microsoft Windows NT Workstation 4.0 SP6 - Microsoft Windows NT Workstation 4.0 SP5 - Microsoft Windows NT Workstation 4.0 SP4 - Microsoft Windows NT Workstation 4.0 SP3 - Microsoft Windows NT Workstation 4.0 SP2 - Microsoft Windows NT Workstation 4.0 SP1 - Microsoft Windows NT Workstation 4.0 BEA Systems WebLogic Server for Win32 6.1 SP 2 - Microsoft Windows 2000 Advanced Server SP2 - Microsoft Windows 2000 Advanced Server SP1 - Microsoft Windows 2000 Advanced Server - Microsoft Windows 2000 Datacenter Server SP2 - Microsoft Windows 2000 Datacenter Server SP1 - Microsoft Windows 2000 Datacenter Server - Microsoft Windows 2000 Professional SP2 - Microsoft Windows 2000 Professional SP1 - Microsoft Windows 2000 Professional - Microsoft Windows 2000 Server SP2 - Microsoft Windows 2000 Server SP1 - Microsoft Windows 2000 Server - Microsoft Windows 2000 Terminal Services SP2 - Microsoft Windows 2000 Terminal Services SP1 - Microsoft Windows 2000 Terminal Services - Microsoft Windows NT Enterprise Server 4.0 SP6a - Microsoft Windows NT Enterprise Server 4.0 SP6 - Microsoft Windows NT Enterprise Server 4.0 SP5 - Microsoft Windows NT Enterprise Server 4.0 SP4 - Microsoft Windows NT Enterprise Server 4.0 SP3 - Microsoft Windows NT Enterprise Server 4.0 SP2 - Microsoft Windows NT Enterprise Server 4.0 SP1 - Microsoft Windows NT Enterprise Server 4.0 - Microsoft Windows NT Server 4.0 SP6a - Microsoft Windows NT Server 4.0 SP6 - Microsoft Windows NT Server 4.0 SP5 - Microsoft Windows NT Server 4.0 SP4 - Microsoft Windows NT Server 4.0 SP3 - Microsoft Windows NT Server 4.0 SP2 - Microsoft Windows NT Server 4.0 SP1 - Microsoft Windows NT Server 4.0 - Microsoft Windows NT Terminal Server 4.0 SP6 - Microsoft Windows NT Terminal Server 4.0 SP5 - Microsoft Windows NT Terminal Server 4.0 SP4 - Microsoft Windows NT Terminal Server 4.0 SP3 - Microsoft Windows NT Terminal Server 4.0 SP2 - Microsoft Windows NT Terminal Server 4.0 SP1 - Microsoft Windows NT Terminal Server 4.0 - Microsoft Windows NT Workstation 4.0 SP6a - Microsoft Windows NT Workstation 4.0 SP6 - Microsoft Windows NT Workstation 4.0 SP5 - Microsoft Windows NT Workstation 4.0 SP4 - Microsoft Windows NT Workstation 4.0 SP3 - Microsoft Windows NT Workstation 4.0 SP2 - Microsoft Windows NT Workstation 4.0 SP1 - Microsoft Windows NT Workstation 4.0 BEA Systems WebLogic Server for Win32 6.1 SP 1 BEA Systems WebLogic Server for Win32 6.1 - Microsoft Windows 2000 Advanced Server SP2 - Microsoft Windows 2000 Advanced Server SP1 - Microsoft Windows 2000 Advanced Server - Microsoft Windows 2000 Datacenter Server SP2 - Microsoft Windows 2000 Datacenter Server SP1 - Microsoft Windows 2000 Datacenter Server - Microsoft Windows 2000 Professional SP2 - Microsoft Windows 2000 Professional SP1 - Microsoft Windows 2000 Professional - Microsoft Windows 2000 Server SP2 - Microsoft Windows 2000 Server SP1 - Microsoft Windows 2000 Server - Microsoft Windows 2000 Terminal Services SP2 - Microsoft Windows 2000 Terminal Services SP1 - Microsoft Windows 2000 Terminal Services - Microsoft Windows NT Enterprise Server 4.0 SP6a - Microsoft Windows NT Enterprise Server 4.0 SP6 - Microsoft Windows NT Enterprise Server 4.0 SP5 - Microsoft Windows NT Enterprise Server 4.0 SP4 - Microsoft Windows NT Enterprise Server 4.0 SP3 - Microsoft Windows NT Enterprise Server 4.0 SP2 - Microsoft Windows NT Enterprise Server 4.0 SP1 - Microsoft Windows NT Enterprise Server 4.0 - Microsoft Windows NT Server 4.0 SP6a - Microsoft Windows NT Server 4.0 SP6 - Microsoft Windows NT Server 4.0 SP5 - Microsoft Windows NT Server 4.0 SP4 - Microsoft Windows NT Server 4.0 SP3 - Microsoft Windows NT Server 4.0 SP2 - Microsoft Windows NT Server 4.0 SP1 - Microsoft Windows NT Server 4.0 - Microsoft Windows NT Terminal Server 4.0 SP6 - Microsoft Windows NT Terminal Server 4.0 SP5 - Microsoft Windows NT Terminal Server 4.0 SP4 - Microsoft Windows NT Terminal Server 4.0 SP3 - Microsoft Windows NT Terminal Server 4.0 SP2 - Microsoft Windows NT Terminal Server 4.0 SP1 - Microsoft Windows NT Terminal Server 4.0 - Microsoft Windows NT Workstation 4.0 SP6a - Microsoft Windows NT Workstation 4.0 SP6 - Microsoft Windows NT Workstation 4.0 SP5 - Microsoft Windows NT Workstation 4.0 SP4 - Microsoft Windows NT Workstation 4.0 SP3 - Microsoft Windows NT Workstation 4.0 SP2 - Microsoft Windows NT Workstation 4.0 SP1 - Microsoft Windows NT Workstation 4.0 BEA Systems WebLogic Server for Win32 9.1 BEA Systems WebLogic Server for Win32 9.0 BEA Systems Weblogic Server 8.1 SP 5 BEA Systems Weblogic Server 8.1 SP 4 BEA Systems Weblogic Server 8.1 SP 3 BEA Systems Weblogic Server 8.1 SP 2 BEA Systems Weblogic Server 8.1 SP 1 BEA Systems Weblogic Server 8.1 BEA Systems Weblogic Server 7.0 .0.1 SP 4 BEA Systems Weblogic Server 7.0 .0.1 SP 3 BEA Systems Weblogic Server 7.0 .0.1 SP 2 BEA Systems Weblogic Server 7.0 .0.1 SP 1 BEA Systems Weblogic Server 7.0 .0.1 BEA Systems Weblogic Server 7.0 SP 6 BEA Systems Weblogic Server 7.0 SP 5 BEA Systems Weblogic Server 7.0 SP 4 BEA Systems Weblogic Server 7.0 SP 3 BEA Systems Weblogic Server 7.0 SP 2 BEA Systems Weblogic Server 7.0 SP 1 BEA Systems Weblogic Server 7.0 - HP HP-UX 11.0 - HP HP-UX 11i v1 - IBM AIX 4.3.3 - Microsoft Windows 2000 Advanced Server SP2 - Microsoft Windows 2000 Advanced Server SP1 - Microsoft Windows 2000 Advanced Server - Microsoft Windows 2000 Datacenter Server SP2 - Microsoft Windows 2000 Datacenter Server SP1 - Microsoft Windows 2000 Datacenter Server - Microsoft Windows 2000 Professional SP2 - Microsoft Windows 2000 Professional SP1 - Microsoft Windows 2000 Professional - Microsoft Windows 2000 Server SP2 - Microsoft Windows 2000 Server SP1 - Microsoft Windows 2000 Server - Microsoft Windows NT Enterprise Server 4.0 SP6a - Microsoft Windows NT Enterprise Server 4.0 SP6 - Microsoft Windows NT Enterprise Server 4.0 SP5 - Microsoft Windows NT Enterprise Server 4.0 SP4 - Microsoft Windows NT Server 4.0 SP6a - Microsoft Windows NT Server 4.0 SP6 - Microsoft Windows NT Server 4.0 SP5 - Microsoft Windows NT Server 4.0 SP4 - Microsoft Windows NT Workstation 4.0 SP6a - Microsoft Windows NT Workstation 4.0 SP6 - Microsoft Windows NT Workstation 4.0 SP5 - Microsoft Windows NT Workstation 4.0 SP4 - Redhat Linux 7.1 i386 - Redhat Linux 6.2 i386 - Sun Solaris 8_sparc - Sun Solaris 2.7_sparc - Sun Solaris 2.6_sparc BEA Systems Weblogic Server 6.1 SP6 BEA Systems Weblogic Server 6.1 SP 7 BEA Systems Weblogic Server 6.1 SP 5 BEA Systems Weblogic Server 6.1 SP 4 BEA Systems Weblogic Server 6.1 SP 3 - HP HP-UX 11.0 - HP HP-UX 11i v1 - IBM AIX 4.3.3 - Microsoft Windows 2000 Advanced Server SP2 - Microsoft Windows 2000 Advanced Server SP1 - Microsoft Windows 2000 Advanced Server - Microsoft Windows 2000 Datacenter Server SP2 - Microsoft Windows 2000 Datacenter Server SP1 - Microsoft Windows 2000 Datacenter Server - Microsoft Windows 2000 Professional SP2 - Microsoft Windows 2000 Professional SP1 - Microsoft Windows 2000 Professional - Microsoft Windows 2000 Server SP2 - Microsoft Windows 2000 Server SP1 - Microsoft Windows 2000 Server - Microsoft Windows NT Enterprise Server 4.0 SP6a - Microsoft Windows NT Enterprise Server 4.0 SP6 - Microsoft Windows NT Enterprise Server 4.0 SP5 - Microsoft Windows NT Enterprise Server 4.0 SP4 - Microsoft Windows NT Server 4.0 SP6a - Microsoft Windows NT Server 4.0 SP6 - Microsoft Windows NT Server 4.0 SP5 - Microsoft Windows NT Server 4.0 SP4 - Redhat Linux 7.1 i386 - Redhat Linux 6.2 i386 - Sun Solaris 8_sparc - Sun Solaris 2.7_sparc - Sun Solaris 2.6_sparc BEA Systems Weblogic Server 6.1 SP 2 - HP HP-UX 11.0 - HP HP-UX 11i v1 - IBM AIX 4.3.3 - Microsoft Windows 2000 Advanced Server SP2 - Microsoft Windows 2000 Advanced Server SP1 - Microsoft Windows 2000 Advanced Server - Microsoft Windows 2000 Professional SP2 - Microsoft Windows 2000 Professional SP1 - Microsoft Windows 2000 Professional - Microsoft Windows 2000 Server SP2 - Microsoft Windows 2000 Server SP1 - Microsoft Windows 2000 Server - Microsoft Windows NT 4.0 SP6a - Microsoft Windows NT 4.0 SP6 - Microsoft Windows NT 4.0 SP5 - Microsoft Windows NT 4.0 SP4 - Redhat Linux 7.1 i386 - Redhat Linux 6.2 i386 - Sun Solaris 8_sparc - Sun Solaris 2.7_sparc - Sun Solaris 2.6_sparc BEA Systems Weblogic Server 6.1 SP 1 - HP HP-UX 11.0 - HP HP-UX 11i v1 - IBM AIX 4.3.3 - Microsoft Windows 2000 Advanced Server SP2 - Microsoft Windows 2000 Advanced Server SP1 - Microsoft Windows 2000 Advanced Server - Microsoft Windows 2000 Professional SP2 - Microsoft Windows 2000 Professional SP1 - Microsoft Windows 2000 Professional - Microsoft Windows 2000 Server SP2 - Microsoft Windows 2000 Server SP1 - Microsoft Windows 2000 Server - Microsoft Windows NT 4.0 SP6a - Microsoft Windows NT 4.0 SP6 - Microsoft Windows NT 4.0 SP5 - Microsoft Windows NT 4.0 SP4 - Redhat Linux 7.1 i386 - Redhat Linux 6.2 i386 - Sun Solaris 8_sparc - Sun Solaris 2.7_sparc - Sun Solaris 2.6_sparc BEA Systems Weblogic Server 6.1 - HP HP-UX 11.0 - HP HP-UX 11i v1 - IBM AIX 4.3.3 - Microsoft Windows 2000 Advanced Server SP2 - Microsoft Windows 2000 Advanced Server SP1 - Microsoft Windows 2000 Advanced Server - Microsoft Windows 2000 Professional SP2 - Microsoft Windows 2000 Professional SP1 - Microsoft Windows 2000 Professional - Microsoft Windows 2000 Server SP2 - Microsoft Windows 2000 Server SP1 - Microsoft Windows 2000 Server - Microsoft Windows NT 4.0 SP6a - Microsoft Windows NT 4.0 SP6 - Microsoft Windows NT 4.0 SP5 - Microsoft Windows NT 4.0 SP4 - Redhat Linux 7.1 i386 - Redhat Linux 6.2 i386 - Sun Solaris 8_sparc - Sun Solaris 2.7_sparc - Sun Solaris 2.6_sparc BEA Systems Weblogic Server 9.1 BEA Systems Weblogic Server 9.0 BEA Systems WebLogic Portal 8.1 SP4 BEA Systems WebLogic Portal 8.1 SP3 BEA Systems WebLogic Platform 8.1 SP 2 BEA Systems WebLogic Platform 8.1 SP 1 BEA Systems WebLogic Platform 8.1 BEA Systems WebLogic Platform 7.0 SP 5 BEA Systems WebLogic Platform 7.0 SP 4 BEA Systems WebLogic Platform 7.0 SP 3 BEA Systems WebLogic Platform 7.0 SP 2 BEA Systems WebLogic Platform 7.0 SP 1 BEA Systems WebLogic Platform 7.0 BEA Systems WebLogic Express 7.0 .0.1 SP 4 BEA Systems WebLogic Express 7.0 .0.1 SP 3 BEA Systems WebLogic Express 7.0 .0.1 SP 2 BEA Systems WebLogic Express 7.0 .0.1 SP 1 BEA Systems WebLogic Express 7.0 .0.1 BEA Systems WebLogic Express 7.0 SP 7 BEA Systems WebLogic Express 7.0 SP 6 BEA Systems WebLogic Express 7.0 SP 5 BEA Systems WebLogic Express 7.0 SP 4 BEA Systems WebLogic Express 7.0 SP 3 BEA Systems WebLogic Express 7.0 SP 2 BEA Systems WebLogic Express 7.0 SP 1 BEA Systems WebLogic Express 7.0 - HP HP-UX 11.0 - HP HP-UX 11i v1 - IBM AIX 4.3.3 - Microsoft Windows 2000 Advanced Server SP2 - Microsoft Windows 2000 Advanced Server SP1 - Microsoft Windows 2000 Advanced Server - Microsoft Windows 2000 Datacenter Server SP2 - Microsoft Windows 2000 Datacenter Server SP1 - Microsoft Windows 2000 Datacenter Server - Microsoft Windows 2000 Professional SP2 - Microsoft Windows 2000 Professional SP1 - Microsoft Windows 2000 Professional - Microsoft Windows 2000 Server SP2 - Microsoft Windows 2000 Server SP1 - Microsoft Windows 2000 Server - Microsoft Windows NT Enterprise Server 4.0 SP6a - Microsoft Windows NT Enterprise Server 4.0 SP6 - Microsoft Windows NT Enterprise Server 4.0 SP5 - Microsoft Windows NT Enterprise Server 4.0 SP4 - Microsoft Windows NT Server 4.0 SP6a - Microsoft Windows NT Server 4.0 SP6 - Microsoft Windows NT Server 4.0 SP5 - Microsoft Windows NT Server 4.0 SP4 - Redhat Linux 7.1 i386 - Redhat Linux 6.2 i386 - Sun Solaris 8_sparc - Sun Solaris 2.7_sparc - Sun Solaris 2.6_sparc BEA Systems WebLogic Express 6.1 SP6 BEA Systems WebLogic Express 6.1 SP 8 BEA Systems WebLogic Express 6.1 SP 7 BEA Systems WebLogic Express 6.1 SP 5 BEA Systems WebLogic Express 6.1 SP 4 BEA Systems WebLogic Express 6.1 SP 3 - HP HP-UX 11.0 - HP HP-UX 11i v1 - IBM AIX 4.3.3 - Microsoft Windows 2000 Advanced Server SP2 - Microsoft Windows 2000 Advanced Server SP1 - Microsoft Windows 2000 Advanced Server - Microsoft Windows 2000 Datacenter Server SP2 - Microsoft Windows 2000 Datacenter Server SP1 - Microsoft Windows 2000 Datacenter Server - Microsoft Windows 2000 Professional SP2 - Microsoft Windows 2000 Professional SP1 - Microsoft Windows 2000 Professional - Microsoft Windows 2000 Server SP2 - Microsoft Windows 2000 Server SP1 - Microsoft Windows 2000 Server - Microsoft Windows NT Enterprise Server 4.0 SP6a - Microsoft Windows NT Enterprise Server 4.0 SP6 - Microsoft Windows NT Enterprise Server 4.0 SP5 - Microsoft Windows NT Enterprise Server 4.0 SP4 - Microsoft Windows NT Enterprise Server 4.0 SP3 - Microsoft Windows NT Enterprise Server 4.0 SP2 - Microsoft Windows NT Enterprise Server 4.0 SP1 - Microsoft Windows NT Enterprise Server 4.0 - Microsoft Windows NT Server 4.0 SP6a - Microsoft Windows NT Server 4.0 SP6 - Microsoft Windows NT Server 4.0 SP5 - Microsoft Windows NT Server 4.0 SP4 - Microsoft Windows NT Server 4.0 SP3 - Microsoft Windows NT Server 4.0 SP2 - Microsoft Windows NT Server 4.0 SP1 - Microsoft Windows NT Server 4.0 - Microsoft Windows NT Workstation 4.0 SP6a - Microsoft Windows NT Workstation 4.0 SP6 - Microsoft Windows NT Workstation 4.0 SP5 - Microsoft Windows NT Workstation 4.0 SP4 - Microsoft Windows NT Workstation 4.0 SP3 - Microsoft Windows NT Workstation 4.0 SP2 - Microsoft Windows NT Workstation 4.0 SP1 - Microsoft Windows NT Workstation 4.0 - Redhat Linux 7.1 i386 - Redhat Linux 6.2 i386 - Sun Solaris 8_sparc - Sun Solaris 2.7 - Sun Solaris 2.6 BEA Systems WebLogic Express 6.1 SP 2 - HP HP-UX 11.0 - HP HP-UX 11i v1 - IBM AIX 4.3.3 - Microsoft Windows 2000 Advanced Server SP2 - Microsoft Windows 2000 Advanced Server SP1 - Microsoft Windows 2000 Advanced Server - Microsoft Windows 2000 Datacenter Server SP2 - Microsoft Windows 2000 Datacenter Server SP1 - Microsoft Windows 2000 Datacenter Server - Microsoft Windows 2000 Professional SP2 - Microsoft Windows 2000 Professional SP1 - Microsoft Windows 2000 Professional - Microsoft Windows 2000 Server SP2 - Microsoft Windows 2000 Server SP1 - Microsoft Windows 2000 Server - Microsoft Windows NT Enterprise Server 4.0 SP6a - Microsoft Windows NT Enterprise Server 4.0 SP6 - Microsoft Windows NT Enterprise Server 4.0 SP5 - Microsoft Windows NT Enterprise Server 4.0 SP4 - Microsoft Windows NT Enterprise Server 4.0 SP3 - Microsoft Windows NT Enterprise Server 4.0 SP2 - Microsoft Windows NT Enterprise Server 4.0 SP1 - Microsoft Windows NT Enterprise Server 4.0 - Microsoft Windows NT Server 4.0 SP6a - Microsoft Windows NT Server 4.0 SP6 - Microsoft Windows NT Server 4.0 SP5 - Microsoft Windows NT Server 4.0 SP4 - Microsoft Windows NT Server 4.0 SP3 - Microsoft Windows NT Server 4.0 SP2 - Microsoft Windows NT Server 4.0 SP1 - Microsoft Windows NT Server 4.0 - Microsoft Windows NT Workstation 4.0 SP6a - Microsoft Windows NT Workstation 4.0 SP6 - Microsoft Windows NT Workstation 4.0 SP5 - Microsoft Windows NT Workstation 4.0 SP4 - Microsoft Windows NT Workstation 4.0 SP3 - Microsoft Windows NT Workstation 4.0 SP2 - Microsoft Windows NT Workstation 4.0 SP1 - Microsoft Windows NT Workstation 4.0 - Redhat Linux 7.1 i386 - Redhat Linux 6.2 i386 - Sun Solaris 8_sparc - Sun Solaris 2.7 - Sun Solaris 2.6 BEA Systems WebLogic Express 6.1 SP 1 - HP HP-UX 11.0 - HP HP-UX 11i v1 - IBM AIX 4.3.3 - Microsoft Windows 2000 Advanced Server SP2 - Microsoft Windows 2000 Advanced Server SP1 - Microsoft Windows 2000 Advanced Server - Microsoft Windows 2000 Datacenter Server SP2 - Microsoft Windows 2000 Datacenter Server SP1 - Microsoft Windows 2000 Datacenter Server - Microsoft Windows 2000 Professional SP2 - Microsoft Windows 2000 Professional SP1 - Microsoft Windows 2000 Professional - Microsoft Windows 2000 Server SP2 - Microsoft Windows 2000 Server SP1 - Microsoft Windows 2000 Server - Microsoft Windows NT Enterprise Server 4.0 SP6a - Microsoft Windows NT Enterprise Server 4.0 SP6 - Microsoft Windows NT Enterprise Server 4.0 SP5 - Microsoft Windows NT Enterprise Server 4.0 SP4 - Microsoft Windows NT Enterprise Server 4.0 SP3 - Microsoft Windows NT Enterprise Server 4.0 SP2 - Microsoft Windows NT Enterprise Server 4.0 SP1 - Microsoft Windows NT Enterprise Server 4.0 - Microsoft Windows NT Server 4.0 SP6a - Microsoft Windows NT Server 4.0 SP6 - Microsoft Windows NT Server 4.0 SP5 - Microsoft Windows NT Server 4.0 SP4 - Microsoft Windows NT Server 4.0 SP3 - Microsoft Windows NT Server 4.0 SP2 - Microsoft Windows NT Server 4.0 SP1 - Microsoft Windows NT Server 4.0 - Microsoft Windows NT Workstation 4.0 SP6a - Microsoft Windows NT Workstation 4.0 SP6 - Microsoft Windows NT Workstation 4.0 SP5 - Microsoft Windows NT Workstation 4.0 SP4 - Microsoft Windows NT Workstation 4.0 SP3 - Microsoft Windows NT Workstation 4.0 SP2 - Microsoft Windows NT Workstation 4.0 SP1 - Microsoft Windows NT Workstation 4.0 - Redhat Linux 7.1 i386 - Redhat Linux 6.2 i386 - Sun Solaris 8_sparc - Sun Solaris 2.7 - Sun Solaris 2.6 BEA Systems WebLogic Express 6.1 - HP HP-UX 11.0 - HP HP-UX 11i v1 - IBM AIX 4.3.3 - Microsoft Windows 2000 Advanced Server SP2 - Microsoft Windows 2000 Advanced Server SP1 - Microsoft Windows 2000 Advanced Server - Microsoft Windows 2000 Datacenter Server SP2 - Microsoft Windows 2000 Datacenter Server SP1 - Microsoft Windows 2000 Datacenter Server - Microsoft Windows 2000 Professional SP2 - Microsoft Windows 2000 Professional SP1 - Microsoft Windows 2000 Professional - Microsoft Windows 2000 Server SP2 - Microsoft Windows 2000 Server SP1 - Microsoft Windows 2000 Server - Microsoft Windows NT Enterprise Server 4.0 SP6a - Microsoft Windows NT Enterprise Server 4.0 SP6 - Microsoft Windows NT Enterprise Server 4.0 SP5 - Microsoft Windows NT Enterprise Server 4.0 SP4 - Microsoft Windows NT Enterprise Server 4.0 SP3 - Microsoft Windows NT Enterprise Server 4.0 SP2 - Microsoft Windows NT Enterprise Server 4.0 SP1 - Microsoft Windows NT Enterprise Server 4.0 - Microsoft Windows NT Server 4.0 SP6a - Microsoft Windows NT Server 4.0 SP6 - Microsoft Windows NT Server 4.0 SP5 - Microsoft Windows NT Server 4.0 SP4 - Microsoft Windows NT Server 4.0 SP3 - Microsoft Windows NT Server 4.0 SP2 - Microsoft Windows NT Server 4.0 SP1 - Microsoft Windows NT Server 4.0 - Microsoft Windows NT Workstation 4.0 SP6a - Microsoft Windows NT Workstation 4.0 SP6 - Microsoft Windows NT Workstation 4.0 SP5 - Microsoft Windows NT Workstation 4.0 SP4 - Microsoft Windows NT Workstation 4.0 SP3 - Microsoft Windows NT Workstation 4.0 SP2 - Microsoft Windows NT Workstation 4.0 SP1 - Microsoft Windows NT Workstation 4.0 - Redhat Linux 7.1 i386 - Redhat Linux 6.2 i386 - Sun Solaris 8_sparc - Sun Solaris 2.7 - Sun Solaris 2.6
Not Vulnerable:

BEA WebLogic Multiple Vulnerabilities

BEA has released 11 advisories identifying various vulnerabilities affecting BEA WebLogic Server, WebLogic Platform, and WebLogic Express. These issues present remote and local threats and may facilitate attacks affecting the integrity, confidentiality, and availability of vulnerable computers.

BEA WebLogic Multiple Vulnerabilities

Currently we are not aware of any exploits for these issues. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]

BEA WebLogic Multiple Vulnerabilities

Solution:
The vendor has released updates to address these issues. Consult the referenced advisories for details on obtaining the appropriate updates.

BEA security advisory BEA07-107.02 supersedes security advisory BEA05-107.01.


BEA Systems Weblogic Server 9.0

• BEA Systems CR247655_900.jar
  ftp://ftpna.bea.com/pub/releases/security/CR247655_900.jar


• BEA Systems CR256930_900.zip
  ftp://ftpna.bea.com/pub/releases/security/CR256930_900.zip


• BEA Systems CR265510_90.jar
  ftp://ftpna.bea.com/pub/releases/security/CR265510_90.jar

BEA Systems WebLogic Server for Win32 9.0

• BEA Systems CR247655_900.jar
  ftp://ftpna.bea.com/pub/releases/security/CR247655_900.jar


• BEA Systems CR256930_900.zip
  ftp://ftpna.bea.com/pub/releases/security/CR256930_900.zip


• BEA Systems CR265510_90.jar
  ftp://ftpna.bea.com/pub/releases/security/CR265510_90.jar

BEA Systems WebLogic Express 6.1 SP 7

• BEA Systems CR238260_610sp7.jar
  ftp://ftpna.beasys.com/pub/releases/security/CR238260_610sp7.jar


• BEA Systems CR247655_610sp7.jar
  ftp://ftpna.beasys.com/pub/releases/security/CR247655_610sp7.jar


• BEA Systems CR265136_610sp7.jar
  ftp://ftpna.beasys.com/pub/releases/security/CR265136_610sp7.jar


• BEA Systems CR265510_610sp7.jar
  ftp://ftpna.beasys.com/pub/releases/security/CR265510_610sp7.jar

BEA Systems WebLogic Server for Win32 6.1 SP 7

• BEA Systems CR238260_610sp7.jar
  ftp://ftpna.beasys.com/pub/releases/security/CR238260_610sp7.jar


• BEA Systems CR247655_610sp7.jar
  ftp://ftpna.beasys.com/pub/releases/security/CR247655_610sp7.jar


• BEA Systems CR265136_610sp7.jar
  ftp://ftpna.beasys.com/pub/releases/security/CR265136_610sp7.jar


• BEA Systems CR265510_610sp7.jar
  ftp://ftpna.beasys.com/pub/releases/security/CR265510_610sp7.jar

BEA Systems Weblogic Server 6.1 SP 7

• BEA Systems CR238260_610sp7.jar
  ftp://ftpna.beasys.com/pub/releases/security/CR238260_610sp7.jar


• BEA Systems CR247655_610sp7.jar
  ftp://ftpna.beasys.com/pub/releases/security/CR247655_610sp7.jar


• BEA Systems CR265136_610sp7.jar
  ftp://ftpna.beasys.com/pub/releases/security/CR265136_610sp7.jar


• BEA Systems CR265510_610sp7.jar
  ftp://ftpna.beasys.com/pub/releases/security/CR265510_610sp7.jar

BEA Systems WebLogic Platform 7.0 SP 5

• BEA Systems CR130515.zip
  ftp://ftpna.bea.com/pub/releases/security/CR130515.zip

BEA Systems Weblogic Server 8.1 SP 5

• BEA Systems CR247655_810sp5.jar
  ftp://ftpna.beasys.com/pub/releases/security/CR247655_810sp5.jar


• BEA Systems CR265510_810sp5.jar
  ftp://ftpna.beasys.com/pub/releases/security/CR265510_810sp5.jar

BEA WebLogic Multiple Vulnerabilities

References:

• BEA06-121.00 - The stopWebLogic.sh script echoes the system password on UNIX (BEA Systems)
  
• BEA06-124.00 - Applications installed on WebLogic Server can obtain private keys (BEA Systems)
  
• BEA06-125.00 - Internal network information may be externally visible (BEA Systems)
  
• BEA06-126.00 - Console incorrectly set JDBC policies (BEA Systems)
  
• BEA06-127.00 - WebLogic Server HTTP handlers log username and password on failur (BEA Systems)
  
• BEA06-128.00 - Domain name is exposed on Console login form (BEA Systems)
  
• BEA06-129.00 - Console displays the WebLogic Server IP address (BEA Systems)
  
• BEA06-130.00 - JSP showcode vulnerability (BEA Systems)
  
• BEA06-131.00 - Recovering admin password can leave cleartext password on disk (BEA Systems)
  
• BEA06-132.00 - Incorrect Quality of Service on some transaction coordination (BEA Systems)
  
• BEA06-133.00 - Sensitive internal system data may be exposed on the wire (BEA Systems)
  
• Weblogic (BEA Systems)
  
• WebLogic Portal Product Page (BEA Systems)
  
• WebLogic Server Product Homepage (Oracle)
  
• Security Advisory: (BEA07-107.02) (BEA Systems)