Security vulnerability in WebLogic plug-in for Apache(情報元のブックマーク数)
Oracle(BEA)がWebLogicのプラグインに脆弱性が存在するということで緊急でアドバイザリをだしています
すでに攻撃コードが出ているとのこと。
Recently an exploit has become publicly available which may impact the availability, confidentiality or integrity of WebLogic Server applications which use the Apache web server configured with the WebLogic plug-in for Apache. This vulnerability may be remotely exploitable without authentication, i.e. it may be exploited over a network without the need for a username and password. This note provides information for workarounds for this vulnerability.
Oracle Fusion Middleware
A subsequent revision of this note will be issued with information on how to obtain an updated version of the Apache plug-in to remedy this issue without the use of workarounds. This revision will be issued after testing has been completed on that updated plug-in.