GEN:SID 1:2238
Message WEB-MISC WebLogic ConsoleHelp view source attempt
Summary This event is generated when an attempt is made to exploit a known vulnerability in BEA Systems WebLogic Enterprise.
Impact Information disclosure.
Detailed Information Some versions of BEA Systems WebLogic Enterprise allow an attacker to
view the aplication source code of documents in the web root of the
server.
Affected Systems BEA Systems WebLogic Enterprise 5.1, 5.1.x
Attack Scenarios An attacker can view the source code and use that information to further
exploit the server.

The attacker merely needs to prepend an HTTP request with
"/ConsoleHelp/" to view the source of any file.
Ease of Attack Simple. No exploit software required.
Corrective Action Upgrade to the latest non-affected version of the software.
Additional References Bugtraq:
http://www.securityfocus.com/bid/1518
Rule References bugtraq: 1518
cve: 2000-0682
nessus: 11724