Metasploit modules that can be used to exploit BEA products
-
Oracle Weblogic Apache Connector POST Request Buffer Overflow
Disclosure Date: 2008-07-17First seen: 2020-04-26exploit/windows/http/bea_weblogic_post_bofThis module exploits a stack based buffer overflow in the BEA Weblogic Apache plugin. The connector fails to properly handle specially crafted HTTP POST requests, resulting a buffer overflow due to the insecure usage of sprintf. Currently, this module works over Windows systems without DEP, and has been tested with Windows 2000 / XP. In addition, the Weblogic Apache plugin version is fingerprinted with a POST request containing a specially crafted Transfer-Encoding header. Authors: - KingCope - juan vazquez <juan.vazquez@metasploit.com>
1 metasploit modules found
Please note: Metasploit modules are only matched by CVE numbers.
Visit metasploit web site for more details