what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New


Posted Jul 10, 2002
Authored by Peter Grundl | Site kpmg.dk

The Bea Weblogic server v5.1.x - 7.0 on on Windows 2000 and NT s vulnerable to a data/connection flooding vulnerability that will result in the web service crashing with a report of an error in NTDLL.DLL.

tags | web
systems | windows
SHA-256 | dd160476ade9f37a3ffeb6de0034fa4f92660fc33d0466f882498e45e0c25e92


Change Mirror Download

Title: Bea Weblogic Performance Pack Denial of Service

BUG-ID: 2002029
Released: 8th Jul 2002

If the performance pack is enabled, the Bea Weblogic Server can be
crashed by a malicious user. The performance pack is enabled in a
default installation.

- Bea Weblogic 7.0 on Windows 2000 Server

The vendor has reproduced the issue on:
BEA WebLogic Server and Express 5.1.x, 6.0.x, 6.1.x and 7.0 on
Microsoft NT or Windows 2000.

Product Description:
Quoted from the vendor webpage:

"Designed for enterprise applications that demand the flexibility
and security of server-side components in Java, BEA WebLogic ServerT
brings scalability, performance, and fault tolerance to mission-
critical Web-based solutions. BEA WebLogic Server is an award-
winning Java application server for developing, deploying, and
managing Web applications. BEA WebLogic Server also offers the most
complete implementation of the Java 2 Enterprise Edition standard -
including Enterprise JavaBeans."

The Bea Weblogic Server is vulnerable to a data/connection flooding
that will result in the web service crashing with a report of an
error in NTDLL.DLL.

Vendor URL:
You can visit the vendor webpage here: http://www.bea.com

Vendor response:
The vendor was notified on the 1st of May, 2002. On the 2nd of
May, 2002 the vendor had reproduced the issue and assigned
case number 324070 and change request CR076409 to the issue.
On the 17th of May, 2002 the vendor supplied us with a
workaround for the issue. On the 3rd of July, the vendor issued
an official patch for the issue.

Corrective action:
As a temporary workaround, you can disable the performance pack:

1. Start the WebLogic Server Console.
2. Open the Servers folder in the navigation tree.
3. Select your server in the Servers folder.
4. Select the Configuration tab.
5. Select the Tuning tab.
6. If the "Native IO Enabled" check box is selected, uncheck it.
7. Click Apply.
8. Restart your server.

The vendor released bulletin, containing links to the official
patches, can be accessed through this URL (wrapped for readability):


Author: Peter Gr√ľndl (pgrundl@kpmg.dk)

KPMG is not responsible for the misuse of the information we provide
through our security advisories. These advisories are a service to
the professional security community. In no event shall KPMG be lia-
ble for any consequences whatsoever arising out of or in connection
with the use or spread of this information.

Login or Register to add favorites

File Archive:

February 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    16 Files
  • 2
    Feb 2nd
    19 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    10 Files
  • 8
    Feb 8th
    25 Files
  • 9
    Feb 9th
    37 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    20 Files
  • 14
    Feb 14th
    25 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    6 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    35 Files
  • 20
    Feb 20th
    25 Files
  • 21
    Feb 21st
    18 Files
  • 22
    Feb 22nd
    15 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By