Weblogic Zero-Day Vulnerability

From: April Sims <aprilcsims_at_gmail.com>
Date: Thu, 25 Apr 2019 10:38:32 -0500
Message-ID: <CAK+cZDe-uDf30LorJNz6-6bPXr+QcYggbg-cEc7wgDwkoH7TTQ_at_mail.gmail.com>



If you're using WebLogic, especially public-facing, you may want to review this article from yesterday:
https://securityaffairs.co/wordpress/84450/breaking-news/oracle-weblogic-zeroday.html

There appears to be no patch at this point in time, but if you have application firewall functionality that can filter access to URLs "/_async/*" and "/wls-wsat/*" it seems it would be wise to do so.

We can also rename all instances of the war files wls-wsat.war and wls9_async_response.war
and reboot to keep it from running in memory.

-- 
April C. Sims
http://aprilcsims.wordpress.com
Twitter, LinkedIn
Oracle Database 11g – Underground Advice for Database Administrators
<http://www.amazon.com/Oracle-Database-Underground-Advice-Administrators/dp/1849680000/ref=sr_1_1?ie=UTF8&s=books&qid=1272289339&sr=8-1#noop>
https://www.packtpub.com/oracle-11g-database-implementations-guide/book
OCP 8i, 9i, 10g, 11g DBA
Southern Utah University
aprilcsims_at_gmail.com

--
http://www.freelists.org/webpage/oracle-l
Received on Thu Apr 25 2019 - 17:38:32 CEST
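
The rename step described in the message above, as an added example that is not part of the original post: a dry-run-first script that finds both WAR files under a directory and renames them. The `.disabled` suffix, the function names and the directory argument are assumptions.

```shell
#!/bin/sh
# Added example, not from the original message.
# Assumed names: the ".disabled" suffix, list_wars, disable_wars, ROOT argument.
WAR_NAMES="wls-wsat.war wls9_async_response.war"   # file names from the message
SUFFIX=".disabled"

# list_wars ROOT: print every regular file under ROOT carrying one of the names.
list_wars() {
    for name in $WAR_NAMES; do
        find "$1" -type f -name "$name" 2>/dev/null
    done
}

# disable_wars ROOT [apply]: dry run unless the second argument is "apply".
# Returns 0 if every match was handled, 1 if a rename was skipped or failed,
# 2 if ROOT is not a directory.
disable_wars() {
    root=$1
    mode=${2:-dry-run}
    [ -d "$root" ] || { echo "not a directory: $root" >&2; return 2; }
    # Explicit subshell so the loop's status becomes the pipeline's status.
    list_wars "$root" | (
        rc=0
        while IFS= read -r war; do
            target="$war$SUFFIX"
            if [ -e "$target" ]; then
                echo "skipped, target exists: $target" >&2
                rc=1
            elif [ "$mode" = apply ]; then
                if mv -- "$war" "$target"; then
                    echo "renamed: $war -> $target"
                else
                    rc=1
                fi
            else
                echo "would rename: $war -> $target"
            fi
        done
        exit "$rc"
    )
}

# Run only when a directory is given, e.g.: sh disable_wars.sh /path/to/install apply
# The rename alone is not enough: the message's second step, a reboot, still applies.
if [ "$#" -gt 0 ]; then
    disable_wars "$@"
fi
```

Run it without `apply` first and review the "would rename" lines before changing anything on disk.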
