Vulnerability CVE-2006-0419 - CERT Civis.Net

Vulnerability Name:

CVE-2006-0419 (CCN-44281)

Assigned:

2006-01-24

Published:

2006-01-24

Updated:

2008-09-05

Summary:

BEA WebLogic Server and WebLogic Express 9.0, 8.1 through SP5, and 7.0 through SP6 allows anonymous binds to the embedded LDAP server, which allows remote attackers to read user entries or cause a denial of service (unspecified) via a large number of connections.

CVSS v3 Severity:

6.5 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

6.4 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:P)
4.7 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): Partial

6.4 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:P)
4.7 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): Partial

Vulnerability Type:

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2006-0419

Source: BEA
Type: Exploit, Vendor Advisory
BEA06-81.01

Source: CCN
Type: SECTRACK ID: 1015528
BEA WebLogic Multiple Bugs Let Remote Users Deny Service, Obtain Information, and Access Restricted Resources

Source: SECTRACK
Type: Patch
1015528

Source: CCN
Type: OSVDB ID: 60411
BEA WebLogic Embedded LDAP Server Anonymous Bind Connection Saturation Remote DoS

Source: XF
Type: UNKNOWN
weblogic-ldap-dos(44281)

Source: CCN
Type: BEA06-81.02
Anonymous binds to the embedded LDAP server are allowed

Vulnerable Configuration:

Configuration 1:

cpe:/a:bea:weblogic_server:7.0:sp1:*:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:7.0:sp1:express:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:7.0:sp2:*:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:7.0:sp2:express:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:7.0:sp3:*:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:7.0:sp3:express:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:7.0:sp4:*:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:7.0:sp4:express:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:7.0:sp5:*:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:7.0:sp5:express:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:7.0:sp6:*:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:7.0:sp6:express:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:8.1:sp1:*:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:8.1:sp1:express:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:8.1:sp2:*:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:8.1:sp2:express:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:8.1:sp3:*:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:8.1:sp3:express:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:8.1:sp4:*:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:8.1:sp4:express:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:8.1:sp5:*:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:8.1:sp5:express:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:9.0:*:*:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:9.0:*:express:*:*:*:*:*

Configuration CCN 1:

cpe:/a:oracle:weblogic_server:9.0:*:*:*:*:*:*:*

Denotes that component is vulnerable