CVE-2003-1290 Information

Description

BEA WebLogic Server and WebLogic Express 6.1 7.0 and 8.1 with RMI and anonymous admin lookup enabled allows remote attackers to obtain configuration information by accessing MBeanHome via the Java Naming and Directory Interface (JNDI).

Reference

http://dev2dev.bea.com/pub/advisory/162 http://secunia.com/advisories/10218 http://secunia.com/advisories/18396 http://www.osvdb.org/3064 http://www.securityfocus.com/bid/16215 http://www.securityfocus.com/bid/9034 https://exchange.xforce.ibmcloud.com/vulnerabilities/13752