148 matches found
Sun JS Access Manager And OpenSSO Information Disclosure vulnerability
Access Manager or OpenSSO is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Sun/Oracle OpenSSO Version Detection
Detection of Sun/Oracle OpenSSO. The script sends a connection request to the server and attempts to extract the version number from the reply. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective righ...
Sun OpenSSO Enterprise 8.0 < Patch1 Update1 Memory Corruption
Binary data 5134.prm...
Code injection
Sun Java System Access Manager 6.3 2005Q1, 7.0 2005Q4, and 7.1; and OpenSSO Enterprise 8.0; when AMConfig.properties enables the debug flag, allows local users to discover cleartext passwords by reading debug files...
CVE-2009-2712
CVE-2009-2712 affects Sun Java System Access Manager (6.3/2005Q1, 7.0/2005Q4, 7.1) and OpenSSO/OpenSSO Enterprise 8.0. When AMConfig.properties enables the debug flag, local users can read debug files and discover cleartext passwords (information disclosure; confidentiality impact). Patch referen...
Sun OpenSSO / Java System Access Manager Login Module User Account Enumeration Weakness
The remote host is running Sun OpenSSO, or Sun Java System Access Manager as it was previously known, an enterprise-class product that provides web access management, federation, and web services security. The version of the Login module included with Sun OpenSSO / Sun Java System Access Manager ...
Sun Java System Access Manager 7.1 - Username Enumeration
Sun Java System Access Manager 7.1 - Username Enumeration source: https://www.securityfocus.com/bid/33489/info Sun Java System Access Manager is prone to a username-enumeration weakness because of a design error in the application when verifying user-supplied input. Attackers may exploit this...
Sun Java System Access Manager 7.1 - 'Username' Enumeration
source: https://www.securityfocus.com/bid/33489/info Sun Java System Access Manager is prone to a username-enumeration weakness because of a design error in the application when verifying user-supplied input. Attackers may exploit this weakness to discern valid usernames. This may aid them in...