HTTP.Header.Transfer.Encoding.Buffer.Overflow
Description
This indicates an attack attempt against a buffer-overflow vulnerability in BEA WebLogic Server Apache plugin.
The vulnerability is caused by an error when the vulnerable software handles a transfer-encoding POST request. It allows a remote attacker to execute arbitrary code via sending a crafted HTTP request.
Affected Products
BEA Product Suite 10.3
BEA Product Suite 10.0 MP1
BEA Product Suite 9.2 MP3
BEA Product Suite 9.1
BEA Product Suite 9.0
BEA Product Suite 8.1 SP6
BEA Product Suite 7.0 SP7
BEA Product Suite 6.1 SP7
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Upgrade to the latest version, available from the vendor's web site:
ftp://anonymous:dev2dev%40bea%2Ecom@ftpna.bea.com/pub/releases/security/WLSWebServerPlugins1.0.1150354-Apache.zip
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |