CVE-2007-3700
CVE-2007-3700 affects Sun Java System Access Manager (formerly Java System Identity Server) prior to 20070710. When AMConfig.properties sets com.iplanet.services.debug.level to a debug value, the product logs cleartext login passwords to /var/opt/SUNWam/debug/amAuth, enabling a local user to read...