Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 07:48:50 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=2287679194&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2Ffiledesc%2Fweblogic-inject.txt.html%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.2287679194.1338191330.1338191330.1338191330.1%3B%2B__utmz%3D32867617.1338191330.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/91791/weblogic-inject.txt http://packetstormsecurity.org/files/91791/weblogic-inject.txt http://packetstormsecurity.org/files/91791/WebLogic-Plugin-HTTP-Injection-Via-Encoded-URLs.html Wed, 14 Jul 2010 05:08:10 GMT Virtual Security Research, LLC. Security Advisory - Over the last several years, VSR analysts had observed unusual behavior in multiple WebLogic deployments when certain special characters were URL encoded and appended to URLs. In late April, 2010 VSR began researching this more in depth and found that the issue could allow for HTTP header injection and HTTP request smuggling attacks.