Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0424

Overview

Vulnerability Score 4.0 4.0
CVE Id CVE-2006-0424
Last Modified 07 Mar 2011 09:30:01
Published 25 Jan 2006 06:07:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2006-0424

Summary

BEA WebLogic Server and WebLogic Express 8.1 through SP4, 7.0 through SP6, and 6.1 through SP7 allows remote authenticated guest users to read the server log and obtain sensitive configuration information.

Vulnerable Systems

Application

  • Bea Weblogic Server 6.1

  • Bea Weblogic Server 7.0

  • Bea Weblogic Server 8.1


References

SECTRACK - 1015528

SECUNIA - 18592

BEA - BEA06-111.00

XF - weblogic-server-log-disclosure(24295)

VUPEN - ADV-2006-0313

BID - 16358

OSVDB - 22776


Last Updated: 27 May 2016 10:41:38