BEA WebLogic Server/Express Potential Password Disclosure Weakness

BEA WebLogic Server/Express Potential Password Disclosure Weakness

Solution:
The vendor has released fixes to address this issue in WebLogic Server and WebLogic Express 8.1(SP 2) and 6.1(SP 6). This issue is also addressed in WebLogic Server and WebLogic Express version 7.0 service pack 5. Customers are advised to contact the vendor for further information regarding obtaining WebLogic Server and WebLogic Express version 7.0 service pack 5, other fixes are linked below.

BEA Systems WebLogic Server for Win32 6.1 SP 6

BEA Systems CR128888_61sp6.jar
ftp://ftpna.beasys.com/pub/releases/security/CR128888_61sp6.jar

BEA Systems WebLogic Express 6.1 SP6

BEA Systems CR128888_61sp6.jar
ftp://ftpna.beasys.com/pub/releases/security/CR128888_61sp6.jar

BEA Systems WebLogic Express for Win32 6.1 SP 6

BEA Systems CR128888_61sp6.jar
ftp://ftpna.beasys.com/pub/releases/security/CR128888_61sp6.jar

BEA Systems Weblogic Server 6.1 SP6

BEA Systems CR128888_61sp6.jar
ftp://ftpna.beasys.com/pub/releases/security/CR128888_61sp6.jar

BEA Systems Weblogic Server 8.1 SP 2

BEA Systems CR128888_81sp2.jar
ftp://ftpna.beasys.com/pub/releases/security/CR128888_81sp2.jar

BEA Systems WebLogic Server for Win32 8.1 SP 2

BEA Systems CR128888_81sp2.jar
ftp://ftpna.beasys.com/pub/releases/security/CR128888_81sp2.jar

BEA Systems WebLogic Express 8.1 SP 2

BEA Systems CR128888_81sp2.jar
ftp://ftpna.beasys.com/pub/releases/security/CR128888_81sp2.jar

BEA Systems WebLogic Express for Win32 8.1 SP 2

BEA Systems CR128888_81sp2.jar
ftp://ftpna.beasys.com/pub/releases/security/CR128888_81sp2.jar