BEA WebLogic Multiple Vulnerabilities

BEA WebLogic Multiple Vulnerabilities

References:

BEA06-121.00 - The stopWebLogic.sh script echoes the system password on UNIX (BEA Systems)
BEA06-124.00 - Applications installed on WebLogic Server can obtain private keys (BEA Systems)
BEA06-125.00 - Internal network information may be externally visible (BEA Systems)
BEA06-126.00 - Console incorrectly set JDBC policies (BEA Systems)
BEA06-127.00 - WebLogic Server HTTP handlers log username and password on failur (BEA Systems)
BEA06-128.00 - Domain name is exposed on Console login form (BEA Systems)
BEA06-129.00 - Console displays the WebLogic Server IP address (BEA Systems)
BEA06-130.00 - JSP showcode vulnerability (BEA Systems)
BEA06-131.00 - Recovering admin password can leave cleartext password on disk (BEA Systems)
BEA06-132.00 - Incorrect Quality of Service on some transaction coordination (BEA Systems)
BEA06-133.00 - Sensitive internal system data may be exposed on the wire (BEA Systems)
Weblogic (BEA Systems)
WebLogic Portal Product Page (BEA Systems)
WebLogic Server Product Homepage (Oracle)
Security Advisory: (BEA07-107.02) (BEA Systems)

Privacy Statement
Copyright 2010, SecurityFocus