Penetration Testing mailing list archives
[PEN-TEST] WebLogic 5.1.0 < SP7
From: "Matt W." <kmx () EGATOBAS ORG>
Date: Thu, 15 Mar 2001 18:02:30 -0600
Was pentesting a few WebLogic 5.1.0 SP6 webservers and came across the ".." Double Dot Vulnerability (bugtraq id 2138) and was wondering if anyone has successfully created an exploit for this. I've been playing with it and all I can get out of the WebLogic server is the following:

perl -e 'print "GET" . "/.." . "A" x 10 . "HTTP/1.0" . "\n\n"' | nc <server> <port>

HTTP/1.1 500 internal Server Error
Server: Weblogic 5.1.0 Service Pack 6 09/20/2000
Content-Length: 0
Conten-Type: text/html
Connection:Close
java.lang.NullPointerException
<disconnect>

Server stays up, no crash.

The other interesting thing is if you put a space between the GET and the /.. it still does the above, but if you put a space between the A's and the HTTP/1.0 there is no error.

Anyone got more info?

-matt
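A defender's view of the requests described in this message, as an added example that is not part of the original post: a Python check that a reverse proxy rule or a log review could apply to raw request lines, flagging any that do not match the `Method SP Request-URI SP HTTP-Version` form or that carry a path component beginning with "..". The sample lines are constructed from the variants the post describes, and the function names are hypothetical.

```python
import re

# Request-Line grammar (RFC 1945): Method SP Request-URI SP HTTP-Version.
# Policy assumption: HTTP/0.9 "simple requests" (no version token) are
# treated as malformed too, since a modern front end has no need for them.
REQUEST_LINE = re.compile(r"^([A-Z]+) (\S+) HTTP/(\d+)\.(\d+)$")

# A path component that begins with "..", e.g. "/../x" or "/..AAAA".
# "release..notes.txt" does not match: the dots are not at a component start.
DOT_DOT_PREFIX = re.compile(r"(^|/)\.\.")


def classify(line):
    """Return the list of findings for one raw request line (CRLF stripped)."""
    findings = []
    match = REQUEST_LINE.match(line)
    if match is None:
        findings.append("malformed-request-line")
        target = line          # cannot isolate the URI, so scan the whole line
    else:
        target = match.group(2)
    if DOT_DOT_PREFIX.search(target):
        findings.append("dot-dot-prefix")
    return findings


def scan(lines):
    """Return (line, findings) pairs for every line that raised a finding."""
    return [(ln, f) for ln in lines if (f := classify(ln))]


# Constructed sample input: the three request shapes from the post plus
# ordinary traffic for contrast.
SAMPLE_LINES = [
    "GET/..AAAAAAAAAAHTTP/1.0",          # as produced by the posted one-liner
    "GET /..AAAAAAAAAAHTTP/1.0",         # space added after GET only
    "GET/..AAAAAAAAAA HTTP/1.0",         # space added before HTTP/1.0 only
    "GET /index.html HTTP/1.0",
    "GET /docs/../index.html HTTP/1.0",
    "GET /release..notes.txt HTTP/1.1",
]

if __name__ == "__main__":
    for line, findings in scan(SAMPLE_LINES):
        print(f"{line!r}: {', '.join(findings)}")
```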