Vulnerabilities > CVE-2008-4011 - Unspecified vulnerability in Oracle BEA Product Suite

CVSS 2.1 - LOW

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

SINGLE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

high complexity

oracle

nessus

NVD

Published: 2008-10-14

Updated: 2017-08-08

Summary

Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, and 9.0 allows remote authenticated users to affect integrity via unknown vectors.

Vulnerable Configurations

Part	Description	Count
Application	Oracle Oracle BEA Product Suite 9.0 Oracle BEA Product Suite 9.1 Oracle BEA Product Suite 9.2 Oracle BEA Product Suite 10.0	4

Nessus

NASL family	Web Servers
NASL id	WEBLOGIC_CR367966.NASL
description	According to its self-reported banner, the version of Oracle WebLogic Server running on the remote host is affected by an unspecified privilege escalation vulnerability such that some applications in admin state are made available to non-admin users.
last seen	2020-06-01
modified	2020-06-02
plugin id	17739
published	2011-11-30
reporter	This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/17739
title	Oracle WebLogic Admin State Unspecified Privilege Escalation (CVE-2008-4011)
code	# # (C) Tenable Network Security, Inc. # include("compat.inc"); if(description) { script_id(17739); script_version("1.5"); script_cvs_date("Date: 2018/11/15 20:50:26"); script_cve_id("CVE-2008-4011"); script_name(english:"Oracle WebLogic Admin State Unspecified Privilege Escalation (CVE-2008-4011)"); script_summary(english:"Checks the version of Oracle WebLogic"); script_set_attribute( attribute:"synopsis", value: "The remote Oracle WebLogic Server has an unspecified privilege escalation vulnerability." ); script_set_attribute( attribute:"description", value: "According to its self-reported banner, the version of Oracle WebLogic Server running on the remote host is affected by an unspecified privilege escalation vulnerability such that some applications in admin state are made available to non-admin users." ); script_set_attribute( attribute:"see_also", value:"https://www.oracle.com/technetwork/topics/security/2804-094742.html" ); script_set_attribute( attribute:"solution", value: "Upgrade and/or apply the appropriate patch as described in Oracle's advisory." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:S/C:N/I:P/A:N"); script_set_attribute(attribute:"vuln_publication_date", value:"2008/10/14"); script_set_attribute(attribute:"patch_publication_date", value:"2008/10/14"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/11/30"); script_set_attribute(attribute:"plugin_type", value:"remote"); script_set_attribute(attribute:"cpe", value:"cpe:/a:bea:weblogic_server"); script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:weblogic_server"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Web Servers"); script_copyright(english:"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc."); script_dependencies("weblogic_detect.nasl"); script_require_keys("www/weblogic"); script_require_ports("Services/www", 80, 7001); exit(0); } include("global_settings.inc"); include("misc_func.inc"); include("http.inc"); port = get_http_port(default:7001); get_kb_item_or_exit("www/weblogic/" + port + "/installed"); version = get_kb_item_or_exit("www/weblogic/" + port + "/version", exit_code:1); service_pack = get_kb_item("www/weblogic/" + port + "/service_pack"); if (isnull(service_pack)) version_ui = version; else version_ui = version + ' ' + service_pack; fix = ''; if (version == "9.0" && isnull(service_pack)) { fix = '9.0 with #7824963 and #7824467'; } else if (version == "9.1" && isnull(service_pack)) { fix = '9.1 with CR367966'; } else if (version == "9.2" && (isnull(service_pack) \|\| service_pack =~ "^MP[1-3]$")) { fix = '9.2 MP3 with CR367966'; } else if (version == "10.0" && (isnull(service_pack) \|\| service_pack == "MP1")) { fix = '10.0 MP1 with CR367966'; } else exit(0, "The Oracle WebLogic "+version_ui+" install listening on port "+port+" is not affected."); cr_patch = "CR367966"; if (get_kb_item("www/weblogic/" + port + "/cr_patches/" + cr_patch)) exit(0, "The Oracle WebLogic "+version_ui+" install listening on port "+port+" is not affected since it has the patch for "+cr_patch+"."); if (report_verbosity > 0) { source = get_kb_item_or_exit("www/weblogic/" + port + "/source", exit_code:1); report = '\n Source : ' + source + '\n Installed version : ' + version_ui + '\n Fixed version : ' + fix + '\n'; security_note(port:port, extra:report); } else security_note(port);

Seebug

bulletinFamily	exploit
description	BUGTRAQ ID: 31683 CVE(CAN) ID: CVE-2008-4008,CVE-2008-4009,CVE-2008-4010,CVE-2008-4011,CVE-2008-4012,CVE-2008-4013,CVE-2008-4000,CVE-2008-4001,CVE-2008-4002,CVE-2008-4003,CVE-2008-4004,CVE-2008-3985,CVE-2008-3988,CVE-2008-3998,CVE-2008-3619,CVE-2008-3993,CVE-2008-3975,CVE-2008-3977,CVE-2008-3588,CVE-2008-3986,CVE-2008-3987,CVE-2008-3989,CVE-2008-2624,CVE-2008-3996,CVE-2008-3992,CVE-2008-3976,CVE-2008-3982,CVE-2008-3983,CVE-2008-3984,CVE-2008-3994,CVE-2008-3980,CVE-2008-4005,CVE-2008-2625,CVE-2008-3990,CVE-2008-3991 Oracle Database是一款商业性质大型数据库系统。 Oracle发布了2008年7月的紧急补丁更新公告，修复了多个Oracle产品中的多个漏洞。这些漏洞影响Oracle产品的所有安全属性，可导致本地和远程的威胁。其中一些漏洞可能需要各种级别的授权，但也有些不需要任何授权。最严重的漏洞可能导致完全入侵数据库系统。目前已知的漏洞包括： BEA WebLogic Workshop中有关NetUI标签的漏洞可能导致信息泄露。 BEA WebLogic Server在使用多个授权者（如XACMLAuthorizer和DefaultAuthorizer）时的错误可能允许绕过某些安全限制。 Apache的WebLogic插件中的错误可能导致完全的系统入侵。将Bea WebLogic Server 8.1SP3升级到更高版本可能导致无效用户可以使用之前受保护的应用。成功攻击要求使用了CLIENT-CERT认证方式。 Oracle Application Server 9.0.4.3 Oracle Application Server 10.1.3.4.0 Oracle Application Server 10.1.3.0.0 Oracle Application Server 10.1.2.3.0 Oracle Application Server 10.1.2.2.0 Oracle E-Business Suite 12.0.4 Oracle E-Business Suite 11.5.10.2 Oracle Database 9.2.0.8DV Oracle Database 9.2.0.8 Oracle Database 11.1.0.6 Oracle Database 10.2.0.4 Oracle Database 10.2.0.3 Oracle Database 10.2.0.2 Oracle Database 10.1.0.5 Oracle JD Edwards EnterpriseOne Tools 8.98 Oracle JD Edwards EnterpriseOne Tools 8.97 Oracle PeopleSoft Enterprise PeopleTools 8.49.14 Oracle PeopleSoft Enterprise PeopleTools 8.48.18 Oracle WebLogic Server 9.2 Oracle WebLogic Server 9.1 Oracle WebLogic Server 9.0 Oracle WebLogic Server 8.1 Oracle WebLogic Server 7.0 Oracle WebLogic Server 6.1 Oracle WebLogic Server 10.0 Oracle PeopleSoft Enterprise Portal 9.0 Oracle PeopleSoft Enterprise Portal 8.9 Oracle Workshop for WebLogic 9.2 Oracle Workshop for WebLogic 9.1 Oracle Workshop for WebLogic 9.0 Oracle Workshop for WebLogic 8.1 Oracle Workshop for WebLogic 10.3 GA Oracle Workshop for WebLogic 10.2 GA Oracle Workshop for WebLogic 10.0 厂商补丁： Oracle ------ Oracle已经为此发布了一个安全公告（cpuoct2008）以及相应补丁: cpuoct2008：Oracle Critical Patch Update Advisory - October 2008 链接：<a href=http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuoct2008.html?_template=/o target=_blank>http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuoct2008.html?_template=/o</a>
id	SSV:4264
last seen	2017-11-19
modified	2008-10-20
published	2008-10-20
reporter	Root
title	Oracle 2008年10月紧急补丁更新修复多个漏洞

Summary

Vulnerable Configurations

Nessus

Seebug

References