description modified

unstable
jvazquez-r7 2012-05-18 01:23:09 +02:00
parent e7f5bf132c
commit bedf010676
1 changed files with 6 additions and 8 deletions

View File

@ -22,14 +22,12 @@ class Metasploit3 < Msf::Exploit::Remote
Weblogic Apache plugin.
The connector fails to properly handle specially crafted HTTP POST
requests resulting in a buffer overflow due to the insecure usage
of sprintf.
The Weblogic Apache plugin version is fingerprinted with a POST
request containing a specially crafted Transfer-Encoding header.
At this moment this module works over Windows systems without DEP
requests, resulting a buffer overflow due to the insecure usage
of sprintf. Currently, this module works over Windows systems without DEP,
and has been tested with Windows 2000 / XP.
In addition, the Weblogic Apache plugin version is fingerprinted with a POST
request containing a specially crafted Transfer-Encoding header.
},
'Author' =>
[