71 matches found
Sun JS Access Manager And OpenSSO Unspecified Vulnerability
The host is running Access Manager or OpenSSO and is prone to unspecified vulnerability. OpenVAS Vulnerability Test $Id: secpodsjsamnopenssounspecifiedvuln.nasl 5401 2017-02-23 09:46:07Z teissa $ Sun JS Access Manager And OpenSSO Unspecified Vulnerability Authors: Antu Sanadi Copyright: Copyright...
Design/Logic Flaw
Unspecified vulnerability in the Sun Java System Access Manager component in Oracle Sun Product Suite 7.1, 7 2005Q4, and OpenSSO Enterprise 8.0 allows remote attackers to affect confidentiality and integrity via unknown vectors...
Solaris 5.9 (x86) : 126356-03
Sun Java System Access Manager 7.1 Solaris. Date this patch was last updated by Sun : Jun/19/09 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network Security if !...
Sun Java System Access Manager Version Detection
This script detects the installed version of Access Manager and sets the version in KB. OpenVAS Vulnerability Test $Id: secpodsjsaccessmanagerdetect.nasl 7076 2017-09-07 11:53:47Z teissa $ Sun Java System Access Manager Version Detection Authors: Sharath S Copyright: Copyright c 2009 SecPod,...
Sun JS Access Manager And OpenSSO Information Disclosure vulnerability
The host is running Access Manager or OpenSSO and is prone to information disclosure vulnerability. OpenVAS Vulnerability Test $Id: secpodsjsamnopenssoinfodiscvuln.nasl 5122 2017-01-27 12:16:00Z teissa $ Sun JS Access Manager And OpenSSO Information Disclosure vulnerability Authors: Sharath S...
Sun Java System Access Manager Information Disclosure vulnerability
The host is running Java System Access Manager and is prone to information disclosure vulnerability. OpenVAS Vulnerability Test $Id: secpodsjsaccessmanagerinfodiscvuln.nasl 5122 2017-01-27 12:16:00Z teissa $ Sun Java System Access Manager Information Disclosure vulnerability Authors: Sharath S...
Sun Java System Access Manager Version Detection
This script detects the installed version of Access Manager. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Sun Java System Access Manager Information Disclosure vulnerability
Java System Access Manager is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2009-2713
The CDCServlet component in Sun Java System Access Manager 7.0 2005Q4 and 7.1, when Cross Domain Single Sign On CDSSO is enabled, does not ensure that "policy advice" is presented to the correct client, which allows remote attackers to obtain sensitive information via unspecified vectors...
CVE-2009-2713
Sun Java System Access Manager 7.0 (2005Q4) and 7.1 with Cross Domain Single Sign On enabled is affected by CVE-2009-2713. The issue is that the CDCServlet component does not ensure policy advice is presented to the correct client, enabling potential information disclosure via unspecified vectors...
CVE-2009-2268
Cross-site scripting XSS vulnerability in the Cross-Domain Controller CDC servlet in Sun Java System Access Manager 6 2005Q1, 7 2005Q4, and 7.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in the Cross-Domain Controller CDC servlet in Sun Java System Access Manager 6 2005Q1, 7 2005Q4, and 7.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2009-2268
Cross-site scripting XSS vulnerability in the Cross-Domain Controller CDC servlet in Sun Java System Access Manager 6 2005Q1, 7 2005Q4, and 7.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2009-2268
CVE-2009-2268 affects Sun Java System Access Manager 6 2005Q1, 7 2005Q4, and 7.1 where the Cross-Domain Controller (CDC) servlet is vulnerable to cross‑site scripting via unspecified vectors. The issue is evidenced in Nessus/Solaris patches that reference CVE-2009-2268 among related fixes (e.g., ...
Solaris 9 (sparc) : 120954-12
AM 7.0: Sun Java System Access Manager 2005Q4. Date this patch was last updated by Sun : Nov/03/10 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if...
Solaris 9 (x86) : 120955-12
AM 7.0x86: Sun Java System Access Manager 2005Q4. Date this patch was last updated by Sun : Nov/03/10 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; ...
CVE-2009-0348
CVE-2009-0348 affects Sun Java System Access Manager: login module responsiveness difference during failed logins allows remote username enumeration. Versions implicated: 6 2005Q1 (aka 6.3), 7 2005Q4 (aka 7.0), and 7.1. The description does not specify an exploit or affected patch level beyond th...
Sun Java System Access Manager 7.1 - 'Username' Enumeration
source: https://www.securityfocus.com/bid/33489/info Sun Java System Access Manager is prone to a username-enumeration weakness because of a design error in the application when verifying user-supplied input. Attackers may exploit this weakness to discern valid usernames. This may aid them in...
Sun Java System Access Manager 7.1 - Username Enumeration
Sun Java System Access Manager 7.1 - Username Enumeration source: https://www.securityfocus.com/bid/33489/info Sun Java System Access Manager is prone to a username-enumeration weakness because of a design error in the application when verifying user-supplied input. Attackers may exploit this...
CVE-2009-0170
Sun Java System Access Manager 6.3 2005Q1, 7 2005Q4, and 7.1 allows remote authenticated users with console privileges to discover passwords, and obtain unspecified other "access to resources," by visiting the Configuration Items component in the console...