Metasploit modules that can be used to exploit Oracle » Bea Product Suite » 10.0 mp1
-
BEA WebLogic JSESSIONID Cookie Value Overflow
Disclosure Date: 2009-01-13First seen: 2020-04-26exploit/windows/http/bea_weblogic_jsessionidThis module exploits a buffer overflow in BEA's WebLogic plugin. The vulnerable code is only accessible when clustering is configured. A request containing a long JSESSION cookie value can lead to arbitrary code execution. Authors: - pusscat <pusscat@metasploit.com> -
BEA Weblogic Transfer-Encoding Buffer Overflow
Disclosure Date: 2008-09-09First seen: 2020-04-26exploit/windows/http/bea_weblogic_transfer_encodingThis module exploits a stack based buffer overflow in the BEA Weblogic Apache plugin. This vulnerability exists in the error reporting for unknown Transfer-Encoding headers. You may have to run this twice due to timing issues with handlers. Authors: - pusscat <pusscat@metasploit.com>
2 metasploit modules found
Please note: Metasploit modules are only matched by CVE numbers.
Visit metasploit web site for more details