Date: 05 December 2007
Click here for printable version
Click here for PGP verifiable version
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AA-2007.0118 AUSCERT Advisory
[Win][Linux]
Multiple vulnerabilities in BEA Plumtree Foundation and BEA
AquaLogic Interaction
5 December 2007
- ---------------------------------------------------------------------------
AusCERT Advisory Summary
------------------------
Product: BEA Plumtree Foundation
BEA AquaLogic Interaction
Operating System: Windows
Linux variants
Impact: Access Confidential Data
Inappropriate Access
Access: Remote/Unauthenticated
CVE Names: CVE-2007-6198 CVE-2007-6197
Member content until: Tuesday, January 01 2008
Revision History: December 5 2007: Added CVE References
December 4 2007: Initial Release
OVERVIEW:
Multiple vulnerabilities in BEA Plumtree Foundation and BEA
AquaLogic Interaction have been reported, which can be exploited
remotely to access confidential system and user information.
IMPACT:
BEA detailed the vulnerabilities as follows:
a) "An attacker can get the internal hostname of the server hosting
BEA Plumtree Foundation." [1]
b) "An attacker can determine the exact product version along with
the build date." [2]
c) "Through a simple HTTP request or by exercising the basic search
form functionality, the guest user can view user objects and user
properties." [3]
Whilst the first two are less serious, the third could be used in
combination with a brute force attack which, if successful, can
result in an account compromise.
MITIGATION:
Whilst there are currently no updates available to correct these
issues, BEA have published detailed steps to correct each of these
vulnerabilities. These can be viewed on the webpages referenced
above.
REFERENCES:
[1] BEA Plumtree Foundation internal hostname disclosure
vulnerability.
http://dev2dev.bea.com/pub/advisory/251
[2] BEA Plumtree Foundation full version vulnerability.
http://dev2dev.bea.com/pub/advisory/252
[3] BEA Plumtree Foundation search facility allows an
unauthenticated guest user to search for user objects.
http://dev2dev.bea.com/pub/advisory/254
AusCERT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.
If you believe that your computer system has been compromised or attacked in
any way, we encourage you to let us know by completing the secure National IT
Incident Reporting Form at:
http://www.auscert.org.au/render.html?it=3192
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQCVAwUBR1XnMSh9+71yA2DNAQLEWwP9HM5yHv2L3hh4sg1eTl8MbHDVEadlGxJi
fIIRNZa1ls4F1OKFmc/gynZznsnumeqFCnlBOLicq+yjIC3I09oyNxcgzTlVPH88
yv/40wNsmQ8k7ONxQwUktvem9+NZS1VK1Xzk+Zjv+EY1iIWWDy8bjymhbHyFdmkB
Xnn60vTHORg=
=aNVP
-----END PGP SIGNATURE-----
|