Bea Weblogic Server vulnerabilities

CVE-2005-4704 [MEDIUM] CVE-2005-4704: Unspecified vulnerability in BEA WebLogic Server and WebLogic Express 8.1 through SP3, 7.0 through S Unspecified vulnerability in BEA WebLogic Server and WebLogic Express 8.1 through SP3, 7.0 through SP6, and 6.1 through SP7, when SSL is intended to be used, causes an unencrypted protocol to be used in certain unspecified circumstances, which causes user credentials to be sent across the network in cleartext and allows remote attackers to gain privileges.

CVE-2005-4759 [MEDIUM] CVE-2005-4759: BEA WebLogic Server and WebLogic Express 8.1 and 7.0, during a migration across operating system pla BEA WebLogic Server and WebLogic Express 8.1 and 7.0, during a migration across operating system platforms, do not warn the administrative user about platform differences in URLResource case sensitivity, which might cause local users to inadvertently lose protection of Web Application pages.

CVE-2005-4766 [MEDIUM] CVE-2005-4766: BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, and 7.0 SP5 and earlier, do not encryp BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, and 7.0 SP5 and earlier, do not encrypt multicast traffic, which might allow remote attackers to read sensitive cluster synchronization messages by sniffing the multicast traffic.

CVE-2005-4753 [MEDIUM] CVE-2005-4753: BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, and 7.0 SP6 and earlier, in certain "h BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, and 7.0 SP6 and earlier, in certain "heavy usage" scenarios, report incorrect severity levels for an audit event, which might allow attackers to perform unauthorized actions and avoid detection.

CVE-2005-4754 [MEDIUM] CVE-2005-4754: BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier allow remote attackers to obtain sensit BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier allow remote attackers to obtain sensitive information (intranet IP addresses) via unknown attack vectors involving "network address translation."

CVE-2005-4755 [LOW] CVE-2005-4755: BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier (1) stores the private key passphrase ( BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier (1) stores the private key passphrase (CustomTrustKeyStorePassPhrase) in cleartext in nodemanager.config; or, during domain creation with the Configuration Wizard, renders an SSL private key passphrase in cleartext (2) on a terminal or (3) in a log file, which might allow local users to obtain cryptogr

CVE-2005-4761 [LOW] CVE-2005-4761: BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, 7.0 SP5 and earlier, and 6.1 SP7 and e BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, 7.0 SP5 and earlier, and 6.1 SP7 and earlier log the Java command line at server startup, which might include sensitive information (passwords or keyphrases) in the server log file when the -D option is used.

CVE-2005-2092 [MEDIUM] CVE-2005-2092: BEA Systems WebLogic 8.1 SP1 allows remote attackers to poison the web cache, bypass web application BEA Systems WebLogic 8.1 SP1 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes WebLogic to incorrectly handle and forward the body of the request in a way that causes the receiving ser

CVE-2005-1744 [CRITICAL] CWE-459 CVE-2005-1744: BEA WebLogic Server and WebLogic Express 7.0 through Service Pack 5 does not log out users when an a BEA WebLogic Server and WebLogic Express 7.0 through Service Pack 5 does not log out users when an application is redeployed, which allows those users to continue to access the application without having to log in again, which may be in violation of newly changed security constraints or role mappings.

CVE-2005-1743 [HIGH] CVE-2005-1743: BEA WebLogic Server and WebLogic Express 8.1 through Service Pack 3 and 7.0 through Service Pack 5 d BEA WebLogic Server and WebLogic Express 8.1 through Service Pack 3 and 7.0 through Service Pack 5 does not properly handle when a security provider throws an exception, which may cause WebLogic to use incorrect identity for the thread, or to fail to audit security exceptions.

CVE-2005-1747 [MEDIUM] CVE-2005-1747: Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic Server and Express 8.1 through S Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic Server and Express 8.1 through Service Pack 4, and 7.0 through Service Pack 6, allow remote attackers to inject arbitrary web script or HTML, and possibly gain administrative privileges, via the (1) j_username or (2) j_password parameters in the login page (LoginForm.jsp), (3) parameters to t

CVE-2005-1746 [MEDIUM] CVE-2005-1746: The cluster cookie parsing code in BEA WebLogic Server 7.0 through Service Pack 5 attempts to contac The cluster cookie parsing code in BEA WebLogic Server 7.0 through Service Pack 5 attempts to contact any host or port specified in a cookie, even when it is not in the cluster, which allows remote attackers to cause a denial of service (cluster slowdown) via modified cookies.

CVE-2005-1745 [MEDIUM] CVE-2005-1745: The UserLogin control in BEA WebLogic Portal 8.1 through Service Pack 3 prints the password to stand The UserLogin control in BEA WebLogic Portal 8.1 through Service Pack 3 prints the password to standard output when an incorrect login attempt is made, which could make it easier for attackers to guess the correct password.

CVE-2005-1748 [MEDIUM] CVE-2005-1748: The embedded LDAP server in BEA WebLogic Server and Express 8.1 through Service Pack 4, and 7.0 thro The embedded LDAP server in BEA WebLogic Server and Express 8.1 through Service Pack 4, and 7.0 through Service Pack 5, allows remote anonymous binds, which may allow remote attackers to view user entries or cause a denial of service.

CVE-2005-1742 [MEDIUM] CVE-2005-1742: BEA WebLogic Server and WebLogic Express 8.1 SP2 and SP3 allows users with the Monitor security role BEA WebLogic Server and WebLogic Express 8.1 SP2 and SP3 allows users with the Monitor security role to "shrink or reset JDBC connection pools."

CVE-2005-1749 [MEDIUM] CVE-2005-1749: Buffer overflow in BEA WebLogic Server and WebLogic Express 6.1 Service Pack 4 allows remote attacke Buffer overflow in BEA WebLogic Server and WebLogic Express 6.1 Service Pack 4 allows remote attackers to cause a denial of service (CPU consumption from thread looping).

CVE-2005-1380 [MEDIUM] CVE-2005-1380: Cross-site scripting (XSS) vulnerability in BEA Admin Console 8.1 allows remote attackers to execute Cross-site scripting (XSS) vulnerability in BEA Admin Console 8.1 allows remote attackers to execute arbitrary web script or HTML via the server parameter to a JndiFramesetAction action.

CVE-2005-0432 [MEDIUM] CVE-2005-0432: BEA WebLogic Server 7.0 Service Pack 5 and earlier, and 8.1 Service Pack 3 and earlier, generates di BEA WebLogic Server 7.0 Service Pack 5 and earlier, and 8.1 Service Pack 3 and earlier, generates different login exceptions that suggest why an authentication attempt fails, which makes it easier for remote attackers to guess passwords via brute force attacks.

CVE-2004-2696 [MEDIUM] CWE-255 CVE-2004-2696: BEA WebLogic Server and WebLogic Express 6.1, 7.0, and 8.1, when using Remote Method Invocation (RMI BEA WebLogic Server and WebLogic Express 6.1, 7.0, and 8.1, when using Remote Method Invocation (RMI) over Internet Inter-ORB Protocol (IIOP), does not properly handle when multiple logins for different users coming from the same client, which could cause an "unexpected user identity" to be used in an RMI call.

CVE-2004-2320 [MEDIUM] CWE-200 CVE-2004-2320: The default configuration of BEA WebLogic Server and Express 8.1 SP2 and earlier, 7.0 SP4 and earlie The default configuration of BEA WebLogic Server and Express 8.1 SP2 and earlier, 7.0 SP4 and earlier, 6.1 through SP6, and 5.1 through SP13 responds to the HTTP TRACE request, which can allow remote attackers to steal information using cross-site tracing (XST) attacks in applications that are vulnerable to cross-site scripting.