| Field | Value |
|---|---|
| VID | 22425 |
| Severity | 20 |
| Port | 80, ... |
| Protocol | TCP |
| Class | CGI |
Detailed Description |
An example file was found on the BEA Weblogic server. Several of the sample files that come with Weblogic contain serious security flaws. A remote attacker can use these example files to relay web requests from this machine to another one or view sensitive configuration information. This might help a remote attacker to launch further attacks against the affected system.
* Platforms Affected: BEA Weblogic web server: Any version; Any operating system: Any version |
Recommendation |
Consider the following recommendations:
- Remove the file if it is not needed.
- Restrict the directory permissions.
- Carefully rename the file to a value that is difficult to guess.
- Move it to a location not accessible from the outside. |
Related URL |
(CVE) |
Related URL |
(SecurityFocus) |
Related URL |
(ISS) |