Intrusion Prevention

Oracle.BEA.WebLogic.Server.Apache.Connector.Buffer.Overflow

Description

This indicates an attack attempt against a buffer-overflow vulnerability in the Oracle BEA WebLogic Server Apache Connector.
The vulnerability is caused by a boundary error when the Apache connector handles a specially crafted HTTP request, which could lead to a denial of service.

Affected Products

Oracle WebLogic Server (formerly BEA WebLogic Server) 10.0 through MP1
Oracle WebLogic Server (formerly BEA WebLogic Server) 10.3 GA
Oracle WebLogic Server (formerly BEA WebLogic Server) 9.0 GA
Oracle WebLogic Server (formerly BEA WebLogic Server) 9.1 GA
Oracle WebLogic Server (formerly BEA WebLogic Server) 9.2 through MP3
Oracle WebLogic Server (formerly BEA WebLogic Server) 8.1 through SP6
Oracle WebLogic Server (formerly BEA WebLogic Server) 7.0 through SP7
Oracle WebLogic Portal (formerly BEA WebLogic Portal) 10.0 through MP1
Oracle WebLogic Portal (formerly BEA WebLogic Portal) 10.2 GA
Oracle WebLogic Portal (formerly BEA WebLogic Portal) 10.3 GA
Oracle WebLogic Portal (formerly BEA WebLogic Portal) 9.2 through MP3
Oracle WebLogic Portal (formerly BEA WebLogic Portal) 8.1 through SP6

Impact

Denial of Service: Remote attackers can crash vulnerable systems.

Recommended Actions

Apply the patch, available from the website:
http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2009.html

CVE References

CVE-2008-5457