CVE-2009-0170 Information

Description

Sun Java System Access Manager 6.3 2005Q1 7 2005Q4 and 7.1 allows remote authenticated users with console privileges to discover passwords and obtain unspecified other \access to resources\ by visiting the Configuration Items component in the console.

Reference

http://sunsolve.sun.com/search/document.do?assetkey=1-21-126356-02-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-242166-1 http://www.securityfocus.com/bid/33265 http://www.securitytracker.com/id?1021605 http://www.vupen.com/english/advisories/2009/0156 https://exchange.xforce.ibmcloud.com/vulnerabilities/47942