Remote Authentication Bypass in Sun Ray Server Software by Sun Microsystems
CVE-2002-2036

Currently unrated

Key Information:

Vendor: Oracle
Status: Ray Server Software
Vendor: CVE Published:; 31 December 2002

What is CVE-2002-2036?

The Sun Ray Server Software (SRSS) 1.3, with Non-Smartcard Mobility (NSCM) enabled, is susceptible to a vulnerability that allows remote attackers to gain unauthorized access to other user accounts. This occurs when dtlogin is executed from a system that supports XDMCP clients, potentially compromising user data and system integrity. Proper mitigation strategies are necessary to safeguard against this exploitation.

References

http://sunsolve.sun.com/search/document.do?assetkey=1-26-...

vendor-advisoryx_refsource_SUNALERT

http://www.securityfocus.com/bid/4911

vdb-entryx_refsource_BID

http://www.iss.net/security_center/static/9252.php

vdb-entryx_refsource_XF

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Dec 31, 2002

Oracle

What is CVE-2002-2036?

References

Timeline