Information Disclosure in Sun Java System Access Manager
CVE-2007-3700

Currently unrated

Key Information:

Vendor

Oracle
Status
Java System Access Manager
Vendor
CVE Published:
11 July 2007

What is CVE-2007-3700?

The Sun Java System Access Manager prior to the update released on July 10, 2007, is configured to log cleartext passwords when the message debug level is set in the AMConfig.properties file. This misconfiguration can allow local users to read sensitive information, specifically cleartext login credentials, from the debug logs located at /var/opt/SUNWam/debug/amAuth. This information disclosure issue poses a significant threat as it may enable unauthorized users to gain elevated privileges within the system.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/24859
vdb-entryx_refsource_BID
http://www.vupen.com/english/advisories/2007/2496
vdb-entryx_refsource_VUPEN
http://secunia.com/advisories/26030
third-party-advisoryx_refsource_SECUNIA

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.