{"vuid":"VU#716387","idnumber":"716387","name":"Oracle Weblogic Apache connector vulnerable to buffer overflow","keywords":["Oracle BEA Weblogic","Apache Connector","buffer overflow"],"overview":"Oracle Weblogic (formerly BEA Weblogic) contains a vulnerability which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.","clean_desc":"Oracle Weblogic Server and Weblogic Express applicaiton servers can be integrated with the Apache webserver using the Weblogic Apache connector plugin (mod_wl). A buffer overflow exists in Weblogic Server and Weblogic Express due to the way that the Apache connector plugin handles specially crafted POST requests. According to Oracle Security Advisory for CVE-2008-3257: The following versions of WebLogic Server and WebLogic Express are affected by this vulnerability Apache Plug-ins dated prior to July 28 2008 which implies: WebLogic Server 10.0 released through Maintenance Pack 1, on all platforms\n           WebLogic Server 9.2 released through Maintenance Pack 3, on all platforms\n           WebLogic Server 9.1 on all platforms\n           WebLogic Server 9.0 on all platforms\n           WebLogic Server 8.1 released through Service Pack 6, on all platforms\n           WebLogic Server 7.0 released through Service Pack 7 on all platforms\n           WebLogic Server 6.1 released through Service Pack 7 on all platforms","impact":"A remote, unauthenticated attacker may be able to execute arbitrary code.","resolution":"Apply a patch\nPatches have been released to address this issue. Refer to  Oracle Security Advisory for CVE-2008-3257 for more information.","workarounds":"Reconfigure Apache According to Oracle Security Advisory for CVE-2008-3257: It is possible to configure Apache and avert this vulnerability by rejecting certain invalid requests. To do so, add the following parameter to the httpd.conf file and restart Apache: LimitRequestLine 4000 Install the mod_security module Oracle suggests installing the mod_security module, which is available in open source from http://www.modsecurity.org/. More information about these workarounds is provided in Oracle Security Advisory for CVE-2008-3257.","sysaffected":"","thanks":"This vulnerabilty was reported by KingCope.","author":"This document was written by Chris Taschner.","public":["https://support.bea.com/application_content/product_portlets/securityadvisories/2793.html","http://secunia.com/advisories/31146/","http://milw0rm.com/exploits/6089","http://www.modsecurity.org/"],"cveids":["CVE-2008-3257"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2008-07-21T20:12:26Z","publicdate":"2008-07-21T00:00:00Z","datefirstpublished":"2008-07-29T18:30:29Z","dateupdated":"2008-08-06T16:48:41Z","revision":8,"vrda_d1_directreport":"0","vrda_d1_population":"2","vrda_d1_impact":"3","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"7","cam_population":"7","cam_impact":"20","cam_easeofexploitation":"15","cam_attackeraccessrequired":"20","cam_scorecurrent":"17.325","cam_scorecurrentwidelyknown":"21.2625","cam_scorecurrentwidelyknownexploited":"37.0125","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":17.325,"vulnote":null}