Intrusion Prevention

Oracle.BEA.WebLogic.Server.SSL.DoS

Description

This indicates an attack attempt against a denial-of-service vulnerability in Oracle BEA System's WebLogic products.
The vulnerability is caused by an error when the vulnerable software handles a specially crafted SSL connection. It allows a remote attacker to cause a denial of service (network port comsumption).

Affected Products

BEA WebLogic Server for Win32 8.1 SP 4
BEA WebLogic Server for Win32 8.1 SP 3
BEA WebLogic Server for Win32 8.1 SP 2
BEA WebLogic Server for Win32 8.1 SP 1
BEA WebLogic Server for Win32 8.1
BEA Weblogic Server 8.1 SP 4
BEA Weblogic Server 8.1 SP 3
BEA Weblogic Server 8.1 SP 2
BEA Weblogic Server 8.1 SP 1
BEA Weblogic Server 8.1
BEA WebLogic Express for Win32 8.1 SP 4
BEA WebLogic Express for Win32 8.1 SP 3
BEA WebLogic Express for Win32 8.1 SP 2
BEA WebLogic Express for Win32 8.1 SP 1
BEA WebLogic Express for Win32 8.1
BEA WebLogic Express 8.1 SP 4
BEA WebLogic Express 8.1 SP 3
BEA WebLogic Express 8.1 SP 2
BEA WebLogic Express 8.1 SP 1
BEA WebLogic Express 8.1

Impact

Denial of service

Recommended Actions

Update to the latest versions:
http://dev.bea.com/resourcelibrary/advisoriesnotifications/BEA04_61.00.jsp

CVE References

CVE-2004-2424