CVE-2008-6192

CVE-2008-6192 describes multiple XSS vulnerabilities in unspecified Portlets of Sun Java System Portal Server 7.0 and 7.1. The initial description notes remote injection of arbitrary scripts via unknown vectors, without concrete exploit details. Connected documents include Solaris patch reference...

Design/Logic Flaw

Sun Java System Directory Proxy Server in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3, when a JDBC data source is used, does not properly handle 1 a long value in an ADD or 2 long string attributes, which allows remote attackers to cause a denial of service JDBC backend...

CVE-2009-0609

Sun Java System Directory Proxy Server in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3, when a JDBC data source is used, does not properly handle 1 a long value in an ADD or 2 long string attributes, which allows remote attackers to cause a denial of service JDBC backend...

CVE-2009-0576

Unspecified vulnerability in Sun Java System Directory Server 5.2 p6 and earlier, and Enterprise Edition 5, allows remote attackers to cause a denial of service daemon crash via crafted LDAP requests...

CVE-2009-0576

Sun Java System Directory Server 5.2 p6 and earlier, and Enterprise Edition 5, are affected by CVE-2009-0576. An unspecified vulnerability allows remote attackers to cause a denial of service (daemon crash) via crafted LDAP requests. The provided documents do not specify the exact root cause, vul...

CVE-2009-0576

Unspecified vulnerability in Sun Java System Directory Server 5.2 p6 and earlier, and Enterprise Edition 5, allows remote attackers to cause a denial of service daemon crash via crafted LDAP requests...

Sun Java System Directory Server 6.x < 6.3.1 LDAP JDBC Backend DoS

The remote host is running the Sun Java System Directory Server, an LDAP server from Sun Microsystems. The installed version is older than 6.3.1, and the proxy server included with such versions is reportedly affected by a denial of service vulnerability. By sending a specially crafted request to...

Sun Java System/ONE Application Server Detection (HTTP)

HTTP based detection of the Sun Java System/ONE Application Server. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Code injection

The login module in Sun Java System Access Manager 6 2005Q1 aka 6.3, 7 2005Q4 aka 7.0, and 7.1 responds differently to a failed login attempt depending on whether the user account exists, which allows remote attackers to enumerate valid usernames...

CVE-2009-0348

The login module in Sun Java System Access Manager 6 2005Q1 aka 6.3, 7 2005Q4 aka 7.0, and 7.1 responds differently to a failed login attempt depending on whether the user account exists, which allows remote attackers to enumerate valid usernames...

CVE-2009-0348

CVE-2009-0348 affects Sun Java System Access Manager: login module responsiveness difference during failed logins allows remote username enumeration. Versions implicated: 6 2005Q1 (aka 6.3), 7 2005Q4 (aka 7.0), and 7.1. The description does not specify an exploit or affected patch level beyond th...

Sun Java System Access Manager 7.1 - &#039;Username&#039; Enumeration

source: https://www.securityfocus.com/bid/33489/info Sun Java System Access Manager is prone to a username-enumeration weakness because of a design error in the application when verifying user-supplied input. Attackers may exploit this weakness to discern valid usernames. This may aid them in...

Sun Java System Access Manager 7.1 - Username Enumeration

Sun Java System Access Manager 7.1 - Username Enumeration source: https://www.securityfocus.com/bid/33489/info Sun Java System Access Manager is prone to a username-enumeration weakness because of a design error in the application when verifying user-supplied input. Attackers may exploit this...

CVE-2009-0169

Sun Java System Access Manager 7.1 allows remote authenticated sub-realm administrators to gain privileges, as demonstrated by creating the amadmin account in the sub-realm, and then logging in as amadmin in the root realm...

CVE-2009-0169

Sun Java System Access Manager 7.1 allows remote authenticated sub-realm administrators to gain privileges, as demonstrated by creating the amadmin account in the sub-realm, and then logging in as amadmin in the root realm...

CVE-2009-0169

Sun Java System Access Manager 7.1 allows remote authenticated sub-realm administrators to gain privileges, as demonstrated by creating the amadmin account in the sub-realm, and then logging in as amadmin in the root realm...

CVE-2009-0169

CVE-2009-0169 affects Sun Java System Access Manager 7.1. The vulnerability allows a remote authenticated sub-realm administrator to escalate privileges by creating the amadmin account in the sub-realm and then logging in as amadmin in the root realm. The available data confirms an in-realm privi...

Sun Java System Access Manager 'sub-realm'特权提升漏洞

BUGTRAQ ID: 33266 CNCAN ID：CNCAN-2009011503 Sun Java System Access Manager是一款安全单点登录、认证、授权解决方案。 Sun Java System Access Manager存在安全漏洞，允许sub-real管理员提升特权或访问root realm作为管理员。 目前没有详细漏洞细节提供。 Sun Java System Access Manager 7.1 Windows Sun Java System Access Manager 7.1 Solaris x86 Sun Java System Access...

Sun Java System Portal Server远程文件泄露漏洞

Sun Java System Portal Server是一种Web信息中心系统，用于工作协作和提供信息服务。 Sun Java System Portal Server的Web Console组件在处理用户请求时存在漏洞，远程攻击者可能利用此漏洞非授权访问到系统文件。 Sun Java System Portal Server 7.2 Sun Java System Portal Server 7.1 Sun --- Sun已经为此发布了一个安全公告（243886）以及相应补丁: 243886：Security Vulnerability Related to Sun Java...

Sun Java System Identity Manager Detection

Sun Java System Identity Manager, an enterprise tool for identity management, is installed on the remote web server. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid35104; scriptversion"1.15"; scriptsetattributeattribute:"pluginmodificationdate", value:"2022/10/12";...