MOABI : Continuous Software Improvement

CVE-2003-1221
Description	BEA WebLogic Express and Server 7.0 through 8.1 SP 1, under certain circumstances when a request to use T3 over SSL (t3s) is made to the insecure T3 port, may use a non-SSL connection for the communication, which could allow attackers to sniff sessions.
Impact	CVSS v2 : 5 MEDIUM
Type	NVD-CWE-Other
Attack Vector	CVSSv2 Vector : AV:N/AC:L/Au:N/C:N/I:P/A:N
Quick links	CVE, NVD, CERT, Metasploit, Exploit-db, Fulldisc, Bugtraq, Microsoft, Red Hat, Debian, GitHub code/issues, Google
References	http://dev2dev.bea.com/pub/advisory/32 http://www.securityfocus.com/bid/9034