X

The Third Party Vulnerability Resolution Blog covers CVEs and patches in Systems product suite.

Sun Alert 102140 Security Vulnerability in Sun Java System Access Manager May Allow Administrator Access to Users Logged in As Root

Guest Author
Product: Sun Java System Access Manager 7 2005Q4

A local user logged in as "root" on a system with Sun Java System Access Manager may be able to use the "amadmin" CLI tool to administer the Access Manager installation with the privileges of the top-level administrator (regardless of the credentials originally used to login to the Access Manager server). Access Manager security is compromised.

Avoidance: Patch
State: Resolved
First released: 01-Feb-2006

Join the discussion

Comments ( 1 )
  • Java Entrepreneur Monday, March 26, 2007
    [Trackback] I came across another security issue. There is security vulnerability in the Sun Java System Access Manager which may enable administrator access to users logged in as root. Logged in as root on a system, the local user might...
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.