| VID |
22195 |
| Severity |
30 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
Servlet |
| Detailed Description |
The WebLogic Server has a source code disclosure vulnerability (3).
Certain versions of BEA Systems Weblogic server ship with a vulnerability which allows malicious users to view the source of .jsp and .jhtml pages which reside in the web document root directory, caused by a vulnerability in the SSIServlet (Server Side Include Servlet). A remote attacker could send a request for a known file prefixed with "/*.shtml/", which invokes the SSIServlet and causes the requested file's source code to be displayed.
* Refereces:
http://www.weblogic.com/docs51/admindocs/lockdown.html#1111303
http://www.foundstone.com/knowledge/randd-advisories-display.html?id=29
http://www.securityfocus.com/advisories/2459
* Platforms Affected:
BEA WebLogic Server and Express 4.5.x
BEA WebLogic Server and Express 5.1.x
BEA WebLogic Enterprise 5.1
Windows Any version
Linux Any version
Unix Any version |
| Recommendation |
Apply the patch for the "Show Code" vulnerability, as listed in BEA Systems, Inc. Security Advisory BEA02-03.03, http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA02-03.jsp
Once the patch has been applied, review the weblogic.properties file and ensure that the following changes have been made:
weblogic.httpd.register.file=weblogic.servlet.FileServlet weblogic.httpd.initArgs.file=defaultFilename=index.html weblogic.httpd.defaultServlet=file
should be changed to:
weblogic.httpd.register.*.html=weblogic.servlet.FileServlet weblogic.httpd.initArgs.*.html=defaultFilename=index.html weblogic.httpd.defaultServlet=*.html |
| Related URL |
CVE-2000-0683 (CVE) |
| Related URL |
1517 (SecurityFocus) |
| Related URL |
11746 (ISS) |
|
