Test ID:	1.3.6.1.4.1.25623.1.0.55690
Category:	CGI abuses
Title:	WebLogic Server Potential Password Disclosure Weakness
Summary:	WebLogic Server Potential Password Disclosure Weakness
Description:	The remote host, according to its banner, is running a WebLogic Server vulnerable to password disclosure. The flaw results when using a foreign Java Message Service (JMS). In these cases, the password for the foreign provider is echoed to the console and stored in cleartest in config.xml. Solution : Apply the latest service pack. For 8.1, apply SP2 or later. http://dev2dev.bea.com/pub/advisory/63 Risk factor : Medium
Cross-Ref:	BugTraq ID: 9034 Common Vulnerability Exposure (CVE) ID: CVE-2003-1222 http://dev2dev.bea.com/pub/advisory/63 http://www.securityfocus.com/bid/9034
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 32582 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.

New User Registration Email: UserID: Passwd: Please email me your monthly newsletters, informing the latest services, improvements & surveys. Please email me a vulnerability test announcement whenever a new test is added.     Privacy

Registered User Login   UserID:     Passwd:     Forgot userid or passwd? Email/Userid: