5 matches found
Security Bulletin: Multiple Security Vulnerabilities in Apache Geronimo Affect IBM Sterling B2B Integrator
Summary Multiple Security Vulnerabilities in Apache Geronimo Affect IBM Sterling B2B Integrator Vulnerability Details CVEID: CVE-2008-0732 DESCRIPTION: Apache Geronimo could allow a local attacker to obtain sensitive information, caused by the init script following symlinks during a chown...
CVE-2007-5797
SQLLoginModule in Apache Geronimo 2.0 through 2.1 does not throw an exception for a nonexistent username, which allows remote attackers to bypass authentication via a login attempt with any username not contained in the database...
CVE-2007-5797
SQLLoginModule in Apache Geronimo 2.0 through 2.1 does not throw an exception for a nonexistent username, which allows remote attackers to bypass authentication via a login attempt with any username not contained in the database...
CVE-2007-5797
SQLLoginModule in Apache Geronimo 2.0 through 2.1 does not throw an exception for a nonexistent username, which allows remote attackers to bypass authentication via a login attempt with any username not contained in the database...
CVE-2007-5797
Apache Geronimo 2.0–2.1 is affected by CVE-2007-5797 due to a SQLLoginModule/LoginModule path that does not throw an exception for a nonexistent username. This results in remote authentication bypass, permitting a login attempt with any username not in the database to succeed. The concrete descri...