8 matches found
EUVD-2007-5551
Malware in sbrugna...
BEA Tuxedo 6/7/8 and WebLogic Enterprise 4/5 Input Validation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8931/info A vulnerability has reported to exist in BEA Tuxedo and WebLogic Enterprise due to Tuxedo administration console. The script is reported to accept various initialization arguments such as INIFILE that are not...
CVE-2007-5576
BEA Tuxedo 8.0 before RP392 and 8.1 before RP293, and WebLogic Enterprise 5.1 before RP174, echo the password in cleartext, which allows physically proximate attackers to obtain sensitive information via the 1 cnsbind, 2 cnsunbind, or 3 cnsls commands...
Command injection
BEA Tuxedo 8.0 before RP392 and 8.1 before RP293, and WebLogic Enterprise 5.1 before RP174, echo the password in cleartext, which allows physically proximate attackers to obtain sensitive information via the 1 cnsbind, 2 cnsunbind, or 3 cnsls commands...
CVE-2007-5576
BEA Tuxedo 8.0 prior to RP392 and 8.1 prior to RP293, and WebLogic Enterprise 5.1 prior to RP174, disclose passwords in cleartext via local commands (cnsbind, cnsunbind, cnsls), enabling physically proximate attackers to obtain sensitive information. Affected components: password handling in the ...
CVE-2007-5576
BEA Tuxedo 8.0 before RP392 and 8.1 before RP293, and WebLogic Enterprise 5.1 before RP174, echo the password in cleartext, which allows physically proximate attackers to obtain sensitive information via the 1 cnsbind, 2 cnsunbind, or 3 cnsls commands...
BEA Tuxedo 678 and WebLogic Enterprise 45 - Input Validation
BEA Tuxedo 678 and WebLogic Enterprise 45 - Input Validation source: https://www.securityfocus.com/bid/8931/info A vulnerability has reported to exist in BEA Tuxedo and WebLogic Enterprise due to Tuxedo administration console. The script is reported to accept various initialization arguments such...
BEA Tuxedo 6/7/8 and WebLogic Enterprise 4/5 - Input Validation
source: https://www.securityfocus.com/bid/8931/info A vulnerability has reported to exist in BEA Tuxedo and WebLogic Enterprise due to Tuxedo administration console. The script is reported to accept various initialization arguments such as INIFILE that are not properly sanitized for user-supplied...