|
Family: Misc. --> Category: infos
WebLogic Certificates Spoofing Vulnerability Scan
Vulnerability Scan Summary Checks the version of WebLogic
Detailed Explanation for this Vulnerability Test
The remote web server is running WebLogic.
There is a bug in this version which may allow a possible hacker to perform
a man-in-the-middle attack against the remote server by supplying a
self-signed certificate.
A possible hacker with a legitimate certificate may use this flaw to impersonate
any other user on the remote server.
Solutions : http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA03-31.jsp
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.
|