WebLogic SSL Certificate Chain User Spoofing

medium Nessus Plugin ID 11628

Synopsis

The remote service is vulnerable to an impersonation attack.

Description

The remote web server is running WebLogic.

There is a bug in this version that could allow an attacker to perform a man-in-the-middle attack against the remote server by supplying a self-signed certificate.

An attacker with a legitimate certificate could use this flaw to impersonate any other user on the remote server.

Solution

Upgrade to listed versions or higher, as it has been reported to fix this vulnerability. Upgrades and/or patches are required as there are no known workarounds.

WebLogic Server and Express 7.0 or 7.0.0.1:
- Apply Service Pack 2.
- If using NSAPI Plugin, ISAPI Plugin, or Apache Plugin should upgrade to the 7.0 Service Pack 2 version of the Plugin.

WebLogic Server and Express 6.1:
- Apply Service Pack 5.
- If using NSAPI Plugin, ISAPI Plugin, or Apache Plugin should upgrade to the 6.1 Service Pack 5 version of the Plugin.

WebLogic Server and Express 5.1:
- Apply Service Pack 13.
- Apply CR090101_src510 patch.

WebLogic Enterprise 5.1:
- Apply Rolling Patch 145 or later.

WebLogic Enterprise 5.0:
- Apply Rolling Patch 59 or later.

WebLogic Tuxedo 8.1:
- Apply Rolling Patch 12 or later.

WebLogic Tuxedo 8.0:
- Apply Rolling Patch 166 or later.

See Also

https://moxie.org/ie-ssl-chain.txt

Plugin Details

Severity: Medium

ID: 11628

File Name: weblogic_casigned_cert_spoofing.nasl

Version: 1.19

Type: remote

Family: Web Servers

Published: 5/14/2003

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Vulnerability Information

CPE: cpe:/a:oracle:weblogic_server

Required KB Items: www/weblogic

Vulnerability Publication Date: 5/25/2003

Reference Information

SECUNIA: 8778