From: Levenglick, Jeff (JLevenglick@fhlbatl.com)
Date: Tue Feb 27 2007 - 09:38:59 EST
What do you mean by 'available of the public network' ?
Do you or your customer know how Bea works? When you setup a
server/portal you first setup an admin server and then as many managed
servers as you want. Some people only setup one admin server and run
their apps from it. The only difference is the admin console. (not
available in managed servers)
It is very possible that your customer has just setup one admin server.
(they should setup a managed server for better security) The console is
on the ip and port defined in the admin server. It could be
non-encrypted or encrypted based on what your settings are. This is not
a weakness. The user lockout is also a config setting.
Btw.. Bea 6.1 and below had very bad security. The fixed some in 7.x and
pretty much everything with 8.x and above. Ex: They used to store plain
text passwords in config files....ect
-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com]
On Behalf Of Dio Pol
Sent: Monday, February 26, 2007 7:04 AM
To: Dieter
Cc: pen-test@securityfocus.com
Subject: Re: BEA Weblogic pentest
it's a good idea to read documentations from "site:bea.com" (could be
useful to find some interesting data...)
and take a look http://dev2dev.bea.com/advisoriesnotifications/ too
cheers,
dio spaventapassere
Dieter wrote:
> Hallo list,
>
> In pentesting a customer web application, I discovered a weakness in
> the BEA WebLogic Server Administration console appears to be available
> over the public network. This is BEA WebLogic Server 8.1.
>
> Do any folks have tips, suggestions, or checklist for things to check
> against this page or BEA WebLogic? I have tried brute forcing the
> login page which will lock out the administrators, and I don't know
> the usernames yet. I have tested for default BEA passwords but
> nothing.
>
> This PeopleSoft web application runs on WebLogic Server 8.1.
>
> Thank you, Dieter
>
>
------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Need to secure your web apps?
> Cenzic Hailstorm finds vulnerabilities fast.
> Click the link to buy it, try it or download Hailstorm for FREE.
>
>
http://www.cenzic.com/products_services/download_hailstorm.php?camp=7016
00000008bOW
>
>
------------------------------------------------------------------------
>
>
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=7016
00000008bOW
------------------------------------------------------------------------
-----------------------------------------
This e-mail message is private and may contain confidential or
privileged information.
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:37 EDT