WebLogic Server < 5.1 SP 7 ".." URL Handling Remote Overflow DoS

2004-08-2000:00:00

Tenable

www.tenable.com

The remote WebLogic server can be disabled remotely by requesting a long URL starting with a double dot.

Binary data 1454.prm

VendorProductVersionCPE
beaweblogic_servercpe:/a:bea:weblogic_server

Vendor	Product	Version	CPE
bea	weblogic_server		cpe:/a:bea:weblogic_server

References

archives.neohapsis.com/archives/bugtraq/2000-12/0331.html

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0098