Vulnerabilities > CVE-2002-1030 - Denial of Service vulnerability in BEA Systems WebLogic Server and Express Race Condition

CVSS 2.6 - LOW

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

high complexity

bea

NVD

Published: 2002-10-04

Updated: 2008-09-05

Summary

Race condition in Performance Pack in BEA WebLogic Server and Express 5.1.x, 6.0.x, 6.1.x and 7.0 allows remote attackers to cause a denial of service (crash) via a flood of data and connections.

Vulnerable Configurations

Part	Description	Count
Application	Bea BEA Weblogic Server 5.1 BEA Weblogic Server 6.0 BEA Weblogic Server 6.1 BEA Weblogic Server 7.0	40

References

http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0008.html
http://dev2dev.bea.com/resourcelibrary/advisoriesdetail.jsp?highlight=advisoriesnotifications&path=components%2Fdev2dev%2Fresourcelibrary%2Fadvisoriesnotifications%2Fadvisory_BEA02-19.htm
http://online.securityfocus.com/archive/1/281046
http://www.iss.net/security_center/static/9486.php
http://www.securityfocus.com/bid/5159