Vulnerability Development mailing list archives
WebLogic 5.1.0 SP < SP6
From: "Matt W." <kmx () EGATOBAS ORG>
Date: Wed, 14 Mar 2001 03:05:30 -0600
Was pentesting a few WebLogic 5.1.0 SP6 webservers and came across the ".." Double Dot Vulnerability (bugtraq id 2138) and was wondering if anyone has successfully created an exploit for this. I've been playing with it and all I can get out of the WebLogic server is the following:

    perl -e 'print "GET" . "/.." . "A" x 10 . "HTTP/1.0" . "\n\n"' | nc <server> <port>

    HTTP/1.1 500 internal Server Error
    Server: Weblogic 5.1.0 Service Pack 6 09/20/2000
    Content-Length: 0
    Conten-Type: text/html
    Connection:Close
    java.lang.NullPointerException
    <disconnect>

Server stays up, no crash.

The other interesting thing is if you put a space between the GET and the /.. it still does the above, but if you put a space between the A's and the HTTP/1.0 there is no error.

Anyone got more info?

-matt
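Added example, not part of the original post: a strict request-line check that a front-end proxy or a log triage script could apply, run over constructed lines modeled on the spacing variants described above. The function name, the return codes and the conservative dot-dot policy are assumptions of this example, and it makes no claim about how WebLogic parses requests internally.

```python
import re
from urllib.parse import unquote

# Method must be an RFC 7230 token; version must be the literal HTTP/<d>.<d>.
METHOD_RE = re.compile(r"^[!#$%&'*+\-.^_`|~0-9A-Za-z]+$")
VERSION_RE = re.compile(r"^HTTP/\d\.\d$")


def classify_request_line(line):
    """Return 'ok' or the reason a strict front end would refuse the line."""
    parts = line.rstrip("\r\n").split(" ")
    if len(parts) != 3:
        return "malformed-request-line"   # missing or extra SP separators
    method, target, version = parts
    if not METHOD_RE.match(method):
        return "invalid-method"           # e.g. '/' is not a token character
    if not VERSION_RE.match(version):
        return "invalid-version"
    if not target.startswith("/"):
        return "not-origin-form"
    # Decode percent-escapes before inspecting segments so %2e%2e is caught too.
    path = unquote(target.split("?", 1)[0])
    # Conservative policy (assumption): refuse any segment that starts with "..".
    if any(seg.startswith("..") for seg in path.split("/")):
        return "dot-dot-segment"
    return "ok"


# Constructed samples: the first three mirror the spacing variants in the post,
# the rest show a well-separated probe, an encoded variant and a normal request.
SAMPLES = [
    "GET/..AAAAAAAAAAHTTP/1.0",
    "GET /..AAAAAAAAAAHTTP/1.0",
    "GET/..AAAAAAAAAA HTTP/1.0",
    "GET /..AAAAAAAAAA HTTP/1.0",
    "GET /a/%2e%2e/b HTTP/1.0",
    "GET /index.html HTTP/1.0",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(f"{classify_request_line(sample):24} {sample!r}")
```

Each variant from the post has fewer than three space-separated fields, so a strict front end refuses it before the path is ever interpreted.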