Sun Java System Access Manager 6.3 2005Q1, 7.0 2005Q4, and 7.1; and OpenSSO Enterprise 8.0; when AMConfig.properties enables the debug flag, allows local users to discover cleartext passwords by reading debug files.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Java_system_access_manager | Sun | 6.3_2005q1 | 6.3_2005q1 |
Java_system_access_manager | Sun | 7.1 | 7.1 |
Java_system_access_manager | Sun | 7.1 | 7.1 |
Java_system_access_manager | Sun | 7_2005q4 | 7_2005q4 |
Java_system_access_manager | Sun | 7.1 | 7.1 |
Java_system_access_manager | Sun | 6.3_2005q1 | 6.3_2005q1 |
Java_system_access_manager | Sun | 6.3_2005q1 | 6.3_2005q1 |
Java_system_access_manager | Sun | 7_2005q4 | 7_2005q4 |
Java_system_access_manager | Sun | 7_2005q4 | 7_2005q4 |