Vigil@nce: Apache, WebLogic, buffer overflow of mod_wl
July 2008 by Vigil@nce
SYNTHESIS
An attacker can create an overflow in the WebLogic mod_wl module
for Apache httpd.
Gravity: 3/4
Consequences: user access/rights, denial of service of service
Provenance: internet client
Means of attack: 1 attack
Ability of attacker: technician (2/4)
Confidence: unique source (2/5)
Diffusion of the vulnerable configuration: high (3/3)
Creation date: 18/07/2008
Identifier: VIGILANCE-VUL-7955
IMPACTED PRODUCTS
– Apache httpd [confidential versions]
– Oracle WebLogic Server [confidential versions]
DESCRIPTION
The mod_wl module can be installed in the front end of a WebLogic
server. This module is not installed by default.
The HTTP protocol uses POST queries like :
POST /path HTTP/version
...
However, when mod_wl receives POST queries where the size of
"HTTP/version" is longer than 4096 characters, a buffer overflow
occurs.
A remote attacker can therefore create a denial of service or
execute code on Apache web server.
CHARACTERISTICS
Identifiers: BID-30273, VIGILANCE-VUL-7955