4 matches found
EUVD-2008-7211
Malware in sbrugna...
JBoss: CallerIdentityLoginModule retaining password from previous call if a null password is provided
The CallerIdentityLoginModule in JBoss Enterprise Application Platform EAP before 5.2.0, Web Platform EWP before 5.2.0, BRMS Platform before 5.3.1, and SOA Platform before 5.3.1 allows remote attackers to gain privileges of the previous user via a null password, which causes the previous user's...
JBoss: CallerIdentityLoginModule retaining password from previous call if a null password is provided
The CallerIdentityLoginModule in JBoss Enterprise Application Platform EAP before 5.2.0, Web Platform EWP before 5.2.0, BRMS Platform before 5.3.1, and SOA Platform before 5.3.1 allows remote attackers to gain privileges of the previous user via a null password, which causes the previous user's...
CVE-2009-0518
CVE-2009-0518 describes a vulnerability where the VirtualCenter Server password may be retained in the memory of VI Client on VMware products. Affected: VI Client, VirtualCenter Server in VMware VirtualCenter prior to 2.5 Update 4, ESXi 3.5 prior to Update 4, and ESX 3.5 prior to Update 4. Impact...