Local Password Exposure in Sun Java System Access Manager and OpenSSO Enterprise
CVE-2009-2712

Currently unrated

Key Information:

Vendor

Oracle
Status
Java System Access Manager
Vendor
CVE Published:
7 August 2009

What is CVE-2009-2712?

The Sun Java System Access Manager and OpenSSO Enterprise products, when configured to enable the debug flag in AMConfig.properties, pose a risk by allowing local users to extract sensitive cleartext passwords stored within debug files. This vulnerability exposes critical authentication information, which can lead to further compromises within the affected systems.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://osvdb.org/56815
vdb-entryx_refsource_OSVDB
http://www.securityfocus.com/bid/35963
vdb-entryx_refsource_BID
http://secunia.com/advisories/36169
third-party-advisoryx_refsource_SECUNIA

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.