Code injection
The Sun Admin Console in Sun Application Server 9.00.1 does not apply certain configuration changes persistently, which causes the 1 SSL and 2 SSLMutualAuth ORB listener services to enable all protocols and ciphers after the services are restarted, possibly allowing remote attackers to bypass...