Oracle.WebLogic.Server.mod_wl.HTTP.POST.Request.Code.Execution

Description

This indicates an attack attempt against a buffer overflow vulnerability in Oracle WebLogic Server.
The vulnerability is caused by an error when the Apache connector (mod_wl) handles an overlong HTTP POST request. It allows a remote attacker to execute arbitrary code by sending a crafted POST request.

Affected Products

Oracle mod_wl
BEA Systems Weblogic Server 8.1 SP 6
BEA Systems Weblogic Server 8.1 SP 5
BEA Systems Weblogic Server 8.1 SP 4
BEA Systems Weblogic Server 8.1 SP 3
BEA Systems Weblogic Server 8.1 SP 2
BEA Systems Weblogic Server 8.1 SP 1
BEA Systems Weblogic Server 7.0 SP 7
BEA Systems Weblogic Server 7.0 SP 6
BEA Systems Weblogic Server 7.0 SP 5
BEA Systems Weblogic Server 7.0 SP 4
BEA Systems Weblogic Server 7.0 SP 3
BEA Systems Weblogic Server 7.0 SP 2
BEA Systems Weblogic Server 7.0 SP 1
BEA Systems Weblogic Server 6.1 SP 7
BEA Systems Weblogic Server 6.1 SP 5
BEA Systems Weblogic Server 6.1 SP 4
BEA Systems Weblogic Server 6.1 SP 3
BEA Systems Weblogic Server 6.1 SP 2
BEA Systems Weblogic Server 6.1 SP 1
BEA Systems Weblogic Server 9.2 Maintenance Pack
BEA Systems Weblogic Server 9.2
BEA Systems Weblogic Server 9.1
BEA Systems Weblogic Server 9.0
BEA Systems Weblogic Server 10.0 MP1
BEA Systems Weblogic Server 10.0
BEA Systems WebLogic Express 8.1 SP 5
BEA Systems WebLogic Express 8.1 SP 4
BEA Systems WebLogic Express 8.1 SP 3
BEA Systems WebLogic Express 8.1 SP 2
BEA Systems WebLogic Express 8.1 SP 1
BEA Systems WebLogic Express 8.1
BEA Systems WebLogic Express 7.0.0.1 SP 4
BEA Systems WebLogic Express 7.0.0.1 SP 3
BEA Systems WebLogic Express 7.0.0.1 SP 2
BEA Systems WebLogic Express 7.0.0.1 SP 1
BEA Systems WebLogic Express 7.0 SP 7
BEA Systems WebLogic Express 7.0 SP 6
BEA Systems WebLogic Express 7.0 SP 5
BEA Systems WebLogic Express 7.0 SP 4
BEA Systems WebLogic Express 7.0 SP 3
BEA Systems WebLogic Express 7.0 SP 2
BEA Systems WebLogic Express 7.0 SP 1
BEA Systems WebLogic Express 6.1 SP 7
BEA Systems WebLogic Express 6.1 SP 5
BEA Systems WebLogic Express 6.1 SP 4
BEA Systems WebLogic Express 6.1 SP 3
BEA Systems WebLogic Express 6.1 SP 2
BEA Systems WebLogic Express 6.1 SP 1
BEA Systems WebLogic Express 9.2
BEA Systems WebLogic Express 9.1
BEA Systems WebLogic Express 9.0
BEA Systems WebLogic Express 8.1.0 SP 6
BEA Systems WebLogic Express 10.0

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the patch, available from the web site:

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date        Version  Detail
2020-10-29  16.952   Name:Oracle.mod_wl.HTTP.POST.Request.Code.Execution:Oracle.WebLogic.Server.mod_wl.HTTP.POST.Request.Code.Execution