 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| CVE ID: | CVE-2004-1758 |
| Description: | BEA WebLogic Server and WebLogic Express version 8.1 up to SP2, 7.0 up to SP4, and 6.1 up to SP6 may store the database username and password for an untargeted JDBC connection pool in plaintext in config.xml, which allows local users to gain privileges. |
| Test IDs: | 1.3.6.1.4.1.25623.1.0.55450 |
| Cross References: |
Common Vulnerability Exposure (CVE) ID: CVE-2004-1758 BugTraq ID: 10131 http://www.securityfocus.com/bid/10131 CERT/CC vulnerability note: VU#920238 http://www.kb.cert.org/vuls/id/920238 http://www.osvdb.org/5297 http://securitytracker.com/id?1009764 http://secunia.com/advisories/11357 XForce ISS Database: bea-configxml-plaintext-password(15860) https://exchange.xforce.ibmcloud.com/vulnerabilities/15860 |