Support #8911
SCP ID :##4807##] : Pentest Oracle UDDI Accessible
| Status: | Closed - End of life cycle | Start date: | December 03, 2018 | |
|---|---|---|---|---|
| Priority: | Normal | Due date: | January 08, 2019 | |
| Assignee: |  Zahir Abd Latif | % Done: | 100% | |
| Category: | - | Spent time: | 2.00 hours | |
| Target version: | - |
Description
Hi,
Kindly attend below request:
Dear Gabby
Help eCustody waktu pentest kena temuan Oracle UDDI Accessible from External, tolong bantu fix ya. Attach document terlampir.
History
#1
Updated by Zahir Abd Latif almost 6 years ago
Dear Gabby,
Any updates on this issue? Do have any solution or root cause for this?
Kindly updates.
Thanks.
#2
Updated by Rayvandy Gabbytian over 5 years ago
- Status changed from New - Begin Life Cycle to Development / Work In Progress
- % Done changed from 0 to 30
Work in progress
#3
Updated by Rayvandy Gabbytian over 5 years ago
- Due date set to January 08, 2019
- Status changed from Development / Work In Progress to Finished Development
- % Done changed from 30 to 100
My Reply to Pak Liebi on 9th January 2019 as follows:
Email Subject: Re: Hasil Meeting Pentest Anual 2017
Dear Pak Liebi,
The UDDI you mentioned comes from Weblogic features, and not from eCustody.war files. Please understand that weblogic maintenance was not part of Penril maintenance service.
However, you may try to disable the UDDI in development environment by performing these steps:
• From WL_HOME/server/lib, delete uddi.*, specifically:
uddi.properties
uddi.war
uddiexplorer.war
You can also move the files somewhere else if you want to keep the copies (recommended). However, be sure that you move them entirely out of the server/lib area.
• In your domain, delete the uddi and uddiexplorer cache files, specifically:
DOMAIN_HOME/servers/AdminServer/tmp/.internal/uddi.war
DOMAIN_HOME/servers/AdminServer/tmp/.internal/uddiexplorer.war
and the expanded folders for the same:
DOMAIN_HOME/servers/AdminServer/tmp/_WL_internal/uddi folder
DOMAIN_HOME/servers/AdminServer/tmp/_WL_internal/uddiexplorer folder
Again, you can move the files elsewhere, but be sure to move them entirely out of the domain.
• After you have removed all of these files, start (or restart) your domain. You should see warning messages like these in your startup log (and/or sysout):
<Dec 16, 2010 10:15:05 AM EST> <Warning> <Deployer> <BEA-149617> <Non-critical internal application uddi was not deployed. Error: [Deployer:149158]No application files exist at 'C:\Oracle\WLS\wl_922\WEBLOG~1\server\lib\uddi.war'.>
<Dec 16, 2010 10:15:05 AM EST> <Warning> <Deployer> <BEA-149617> <Non-critical internal application uddiexplorer was not deployed. Error: [Deployer:149158]No application files exist at 'C:\Oracle\WLS\wl_922\WEBLOG~1\server\lib\uddiexplorer.war'.>
Thank you.
Reply from Pak Liebi:
Ok thx atas infonya Gabby, saya sudah coba di dev dan sepertinya berhasiil thx
#4
Updated by Rayvandy Gabbytian over 5 years ago
- Assignee changed from Rayvandy Gabbytian to Zahir Abd Latif
- % Done changed from 100 to 0
Zahir,
Please proceed to close this issue.
Thanks.
#5
Updated by Zahir Abd Latif over 5 years ago
- Status changed from Finished Development to Closed - End of life cycle
- % Done changed from 0 to 100