Sun JMX RMI-IIOP本地非授权访问漏洞

Java Dynamic Management Kit （Java DMK）提供一组Java 类和工具，便于根据Java管理扩展（JMX）规范和SNMP标准开发安全的监控和管理解决方案。 如果拥有对某些本地数据访问权限的远程用户连接到了本地用户所创建的JMX RMI-IIOP服务器应用程序的话，JMX RMI-IIOP API中的安全漏洞就可能允许能够创建该应用程序的本地用户获取对这些数据的非授权访问。 这个漏洞仅影响包含有通过JMX RMI-IIOP API部署的应用程序的系统。满足了所有以下条件时JMX代理会出现这个漏洞： 1...

CVE-2007-1419

The Java Management Extensions Remote API Remote Method Invocation over Internet Inter-ORB Protocol JMX RMI-IIOP API in Java Dynamic Management Kit 5.1 before 20070309 does not properly enforce the java.policy, which allows local users to obtain certain MBeans data access by operating a server...

Design/Logic Flaw

The Java Management Extensions Remote API Remote Method Invocation over Internet Inter-ORB Protocol JMX RMI-IIOP API in Java Dynamic Management Kit 5.1 before 20070309 does not properly enforce the java.policy, which allows local users to obtain certain MBeans data access by operating a server...

Solaris 8 (sparc) : 112045-08

Java Dynamic Management Kit 4.2 patch. Date this patch was last updated by Sun : May/14/04 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if...