CVE-2005-1745

Name of the Vulnerable Software and Affected Versions BEA WebLogic Portal versions 8.1 through 8.1 Service Pack 3

Description The issue allows an attacker to potentially guess the correct password by exploiting a feature in the UserLogin control. When an incorrect login attempt is made, the password is printed to standard output, making it easier for attackers to obtain the password.

Recommendations For BEA WebLogic Portal versions 8.1 through 8.1 Service Pack 3, consider modifying the UserLogin control to prevent printing the password to standard output when an incorrect login attempt is made. At the moment, there is no information about a newer version that contains a fix for this vulnerability.