« Sun Alert 102521... | Main | A new direction for... »
23 Mar 2007 Sun Alert 102140 Security Vulnerability in Sun Java System Access Manager May Allow Administrator Access to Users Logged in As Root
posted by Sun Security Coordination Team in Alerts
Product: Sun Java System Access Manager 7 2005Q4

A local user logged in as "root" on a system with Sun Java System Access Manager may be able to use the "amadmin" CLI tool to administer the Access Manager installation with the privileges of the top-level administrator (regardless of the credentials originally used to login to the Access Manager server). Access Manager security is compromised.

Avoidance: Patch
State: Resolved
First released: 01-Feb-2006
Sun Alert Link: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102140-1
Permalink | Comments [1]
Trackback URL: http://blogs.sun.com/security/entry/sun_alert_102140_security_vulnerability
Comments:

[Trackback] I came across another security issue. There is security vulnerability in the Sun Java System Access Manager which may enable administrator access to users logged in as root. Logged in as root on a system, the local user might...

Posted by Java Entrepreneur on March 26, 2007 at 08:12 AM PDT #

Post a Comment:

Name:
E-Mail:
URL:

Your Comment:

HTML Syntax: NOT allowed

Sun Certified Security Administrator

Download Solaris
Patches and Updates
Download Solaris Security Toolkit

« September 2008
SunMonTueWedThuFriSat
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
    
       
Today


Company Info   |   Contact   |   Terms of Use   |   Privacy   |   Trademarks   |   Copyright 2007 Sun Microsystems, Inc.