Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq: BEA WebLogic internal hostname disclosure

BEA WebLogic internal hostname disclosure

From: Michael Hendrickx <michael_at_scanit.be>
Date: Wed, 02 Apr 2003 11:27:10 +0200

Hi,

During a penentration test, I discovered that the BEA Weblogic Server
reveals it hostname (on windows machines NetBIOS name) while sending the
following request:

GET . HTTP/1.0\r\n\r\n

On older systems (Weblogic 7.0), a simple "BLAH . BLAH\r\n\r\n" will do
the same trick. BEA was contacted about two weeks ago, but I haven't
heard from them (yet).

Regards,
Michael

-- 
Michael Hendrickx
Security Engineer
Scanit NV/SA
http://www.scanit.be

Received on Apr 02 2003

This message: [ Message body ]
Next message: Erik Forsberg: "Microsoft Terminal Services vulnerable to MITM-attacks."
Previous message: bugzilla_at_redhat.com: "[RHSA-2003:091-01] Updated kerberos packages fix various vulnerabilities"
Next in thread: Kurt Seifried: "Re: BEA WebLogic internal hostname disclosure"
Reply: Kurt Seifried: "Re: BEA WebLogic internal hostname disclosure"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]