2.1

CVE-2009-2712

Sun Java System Access Manager 6.3 2005Q1, 7.0 2005Q4, and 7.1; and OpenSSO Enterprise 8.0; when AMConfig.properties enables the debug flag, allows local users to discover cleartext passwords by reading debug files.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SunJava System Access Manager Version6.3_2005q1 Editionsolaris_10_sparc
SunJava System Access Manager Version6.3_2005q1 Editionsolaris_8_sparc
SunJava System Access Manager Version6.3_2005q1 Editionsolaris_9_sparc
SunJava System Access Manager Version7.1 Editionsolaris_10_sparc
SunJava System Access Manager Version7.1 Editionsolaris_8_sparc
SunJava System Access Manager Version7.1 Editionsolaris_9_sparc
SunJava System Access Manager Version7_2005q4 Editionsolaris_10_sparc
SunJava System Access Manager Version7_2005q4 Editionsolaris_8_sparc
SunJava System Access Manager Version7_2005q4 Editionsolaris_9_sparc
SunJava System Access Manager Version6.3_2005q1 Editionsolaris_10_x86
SunJava System Access Manager Version6.3_2005q1 Editionsolaris_8_x86
SunJava System Access Manager Version6.3_2005q1 Editionsolaris_9_x86
SunJava System Access Manager Version7.1 Editionsolaris_10_x86
SunJava System Access Manager Version7.1 Editionsolaris_8_x86
SunJava System Access Manager Version7.1 Editionsolaris_9_x86
SunJava System Access Manager Version7_2005q4 Editionsolaris_10_x86
SunJava System Access Manager Version7_2005q4 Editionsolaris_8_x86
SunJava System Access Manager Version7_2005q4 Editionsolaris_9_x86
SunJava System Access Manager Version6.3_2005q1 Editionsolaris_10_linux
SunJava System Access Manager Version6.3_2005q1 Editionsolaris_8_linux
SunJava System Access Manager Version6.3_2005q1 Editionsolaris_9_linux
SunJava System Access Manager Version7.1 Editionsolaris_10_linux
SunJava System Access Manager Version7.1 Editionsolaris_8_linux
SunJava System Access Manager Version7.1 Editionsolaris_9_linux
SunJava System Access Manager Version7_2005q4 Editionsolaris_10_linux
SunJava System Access Manager Version7_2005q4 Editionsolaris_8_linux
SunJava System Access Manager Version7_2005q4 Editionsolaris_9_linux
SunJava System Access Manager Version7.0_2005q4 Editionwindows
SunJava System Access Manager Version7.1 Editionwindows
SunJava System Web Server Version7.0 Editionhp_ux
SunJava System Access Manager Version7.1 Editionwar
SunOpensso Enterprise Version8.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.37% 0.286
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 2.1 3.9 2.9
AV:L/AC:L/Au:N/C:P/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://osvdb.org/56815
http://secunia.com/advisories/36169
Vendor Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-21-119465-16-1
Patch
http://sunsolve.sun.com/search/document.do?assetkey=1-66-256668-1
Patch
Vendor Advisory
http://www.securityfocus.com/bid/35963
http://www.vupen.com/english/advisories/2009/2177