The embedded LDAP server in BEA WebLogic Server and Express 8.1 through Service Pack 4, and 7.0 through Service Pack 5, allows remote anonymous binds, which may allow remote attackers to view user entries or cause a denial of service.
| Date Added | Due Date | Vulnerability Name | Required Action |
|---|---|---|---|
| N/A |
| Type | Version | Base score | Base severity | Vector |
|---|---|---|---|---|
| Primary | 2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
| CWE ID | Type | Source |
|---|---|---|
| NVD-CWE-Other | Primary | nvd@nist.gov |
| Hyperlink | Source | Resource |
|---|---|---|
| http://dev2dev.bea.com/pub/advisory/131 | cve@mitre.org | Vendor Advisory |
| http://secunia.com/advisories/15486 | cve@mitre.org | Vendor Advisory |
| http://securitytracker.com/id?1014049 | cve@mitre.org | N/A |
| http://www.securityfocus.com/bid/13717 | cve@mitre.org | N/A |
| http://www.vupen.com/english/advisories/2005/0608 | cve@mitre.org | N/A |
| http://dev2dev.bea.com/pub/advisory/131 | af854a3a-2127-422b-91ae-364da2661108 | Vendor Advisory |
| http://secunia.com/advisories/15486 | af854a3a-2127-422b-91ae-364da2661108 | Vendor Advisory |
| http://securitytracker.com/id?1014049 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.securityfocus.com/bid/13717 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.vupen.com/english/advisories/2005/0608 | af854a3a-2127-422b-91ae-364da2661108 | N/A |