Weblogic Remote Command Execution Vulnerability
As per the FoundStone Inc. advisory on this topic, which is attached in full later in this entry:

"Assume that there is an application on the WebLogic server that writes user entered data to a file called "temp.txt". Given below is JHTML/JSP code that will print "Hello World":

    <java>out.println("Hello World");</java>    (JHTML)
    -or-
    <% out.println("Hello World"); %>           (JSP)

If this code is somehow inserted in the file "temp.txt" via an application, then the following can be used to invoke forced compilation and execution of "temp.txt":

    http://weblogic.site/*.jhtml/path/to/temp.txt    (JHTML)
    -or-
    http://weblogic.site/*.jsp/path/to/temp.txt      (JSP)"
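The request shape the advisory describes (a first path segment of "*.jsp" or "*.jhtml" followed by a path to some other file) is easy to spot in web-server access logs. The following Python is an added detection example, not code from this entry or from the FoundStone advisory: it parses access-log lines in common log format (the sample lines below are constructed, not real traffic; the log layout and the field names are assumptions), percent-decodes the request path so encoded forms such as "%2A.jsp" are not missed, and reports every request that matches the forced-compilation pattern.

```python
import re
from urllib.parse import unquote

# Constructed sample access-log lines in common log format (not real traffic).
# Lines 2 and 3 carry the "*.jsp" / "*.jhtml" first segment described in the
# advisory, the third one percent-encoded; lines 1 and 4 are ordinary requests.
SAMPLE_LOG = """\
10.0.0.5 - - [12/Mar/2001:10:00:01 +0000] "GET /index.jsp HTTP/1.0" 200 512
10.0.0.5 - - [12/Mar/2001:10:00:02 +0000] "GET /*.jsp/uploads/temp.txt HTTP/1.0" 200 1024
10.0.0.7 - - [12/Mar/2001:10:00:03 +0000] "GET /%2A.jhtml/uploads/temp.txt HTTP/1.0" 200 1024
10.0.0.9 - - [12/Mar/2001:10:00:04 +0000] "GET /docs/manual.txt HTTP/1.0" 200 2048
"""

# Minimal common-log-format parser: client IP, timestamp, request line, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) (?P<proto>\S+)" (?P<status>\d{3})'
)

# First path segment is exactly "*.jsp" or "*.jhtml" (any case), either at the
# end of the path or followed by a further path component.
FORCED_COMPILE_RE = re.compile(r'^/\*\.(jsp|jhtml)(/|$)', re.IGNORECASE)


def normalize_path(path, max_rounds=3):
    """Strip the query string and percent-decode until the value is stable,
    so that single or double encoding of '*' still yields a literal '*'."""
    decoded = path.split('?', 1)[0]
    for _ in range(max_rounds):
        nxt = unquote(decoded)
        if nxt == decoded:
            break
        decoded = nxt
    return decoded


def is_forced_compile_request(path):
    """True when the (decoded) request path starts with a *.jsp or *.jhtml segment."""
    return bool(FORCED_COMPILE_RE.match(normalize_path(path)))


def scan_access_log(text):
    """Return one finding per log line whose request matches the pattern.
    Unparseable lines are skipped rather than treated as matches."""
    findings = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        if is_forced_compile_request(m['path']):
            findings.append({
                'ip': m['ip'],
                'timestamp': m['ts'],
                'method': m['method'],
                'path': m['path'],
                'decoded_path': normalize_path(m['path']),
                'status': int(m['status']),
            })
    return findings


if __name__ == '__main__':
    for f in scan_access_log(SAMPLE_LOG):
        print(f"{f['timestamp']} {f['ip']} {f['method']} {f['path']} -> {f['status']}")
```

The decode loop matters because a single-pass check on the raw path would miss "%2A.jsp"; a 200 status on a matched request is the case worth escalating, since it suggests the server accepted the path rather than rejecting it.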