CVE-2006-0419 Information

Description

BEA WebLogic Server and WebLogic Express 9.0 8.1 through SP5 and 7.0 through SP6 allows anonymous binds to the embedded LDAP server which allows remote attackers to read user entries or cause a denial of service (unspecified) via a large number of connections.

Reference

http://dev2dev.bea.com/pub/advisory/163 http://securitytracker.com/id?1015528