What is the severity of CVE-2007-0421?

CVE-2007-0421 is classified as a denial of service vulnerability that can cause disk consumption on affected BEA WebLogic Server versions.

How do I fix CVE-2007-0421?

To fix CVE-2007-0421, upgrade to a version of BEA WebLogic Server that is not affected, specifically versions beyond 7.0 SP7.

What versions of BEA WebLogic Server are affected by CVE-2007-0421?

CVE-2007-0421 affects BEA WebLogic Server versions 6.1 through 6.1 SP7 and 7.0 through 7.0 SP7.

What type of attack can exploit CVE-2007-0421?

CVE-2007-0421 can be exploited by remote attackers through requests containing malformed headers.

What impact does CVE-2007-0421 have on a system?

The impact of CVE-2007-0421 is that it can lead to denial of service by causing excessive disk space consumption through log file generation.

Vulnerability/
CVE-2007-0421

medium

6.4

CWE

NVD-CWE-Other

23/1/2007

7/8/2024

CVE-2007-0421

First published: Tue Jan 23 2007(Updated: )

BEA WebLogic Server 6.1 through 6.1 SP7, and 7.0 through 7.0 SP7 allows remote attackers to cause a denial of service (disk consumption) via requests containing malformed headers, which cause a large amount of data to be written to the server log.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Oracle WebLogic Server	=6.1
Oracle WebLogic Server	=6.1-sp1
Oracle WebLogic Server	=6.1-sp2
Oracle WebLogic Server	=6.1-sp3
Oracle WebLogic Server	=6.1-sp4
Oracle WebLogic Server	=6.1-sp5
Oracle WebLogic Server	=6.1-sp6
Oracle WebLogic Server	=6.1-sp7
Oracle WebLogic Server	=7.0
Oracle WebLogic Server	=7.0-sp1
Oracle WebLogic Server	=7.0-sp2
Oracle WebLogic Server	=7.0-sp3
Oracle WebLogic Server	=7.0-sp4
Oracle WebLogic Server	=7.0-sp5
Oracle WebLogic Server	=7.0-sp6
Oracle WebLogic Server	=7.0-sp7

Remedy

http://dev2dev.bea.com/pub/advisory/215

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2007-0421?
CVE-2007-0421 is classified as a denial of service vulnerability that can cause disk consumption on affected BEA WebLogic Server versions.
How do I fix CVE-2007-0421?
To fix CVE-2007-0421, upgrade to a version of BEA WebLogic Server that is not affected, specifically versions beyond 7.0 SP7.
What versions of BEA WebLogic Server are affected by CVE-2007-0421?
CVE-2007-0421 affects BEA WebLogic Server versions 6.1 through 6.1 SP7 and 7.0 through 7.0 SP7.
What type of attack can exploit CVE-2007-0421?
CVE-2007-0421 can be exploited by remote attackers through requests containing malformed headers.
What impact does CVE-2007-0421 have on a system?
The impact of CVE-2007-0421 is that it can lead to denial of service by causing excessive disk space consumption through log file generation.

agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/severity
agent/last-modified-date
agent/weakness
agent/author
agent/remedy
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-historical
vendor/bea
canonical/oracle weblogic server
version/oracle weblogic server/6.1
version/oracle weblogic server/6.1-sp1
version/oracle weblogic server/6.1-sp2
version/oracle weblogic server/6.1-sp3
version/oracle weblogic server/6.1-sp4
version/oracle weblogic server/6.1-sp5
version/oracle weblogic server/6.1-sp6
version/oracle weblogic server/6.1-sp7
version/oracle weblogic server/7.0
version/oracle weblogic server/7.0-sp1
version/oracle weblogic server/7.0-sp2
version/oracle weblogic server/7.0-sp3
version/oracle weblogic server/7.0-sp4
version/oracle weblogic server/7.0-sp5
version/oracle weblogic server/7.0-sp6
version/oracle weblogic server/7.0-sp7