| BEA WebLogic Server Internal Hostname Disclosure
Author : Michael Hendrickx <firstname.lastname@example.org>
During a penentration test, I discovered that the BEA Weblogic Server
reveals it hostname (on windows machines NetBIOS name) while sending the
GET . HTTP/1.0\r\n\r\n
On older systems (Weblogic 7.0), a simple "BLAH . BLAH\r\n\r\n"
the same trick. BEA was contacted about two weeks ago, but I haven't
heard from them (yet).