• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Sun ONE Application Server Plaintext Password Vulnerability

A problem with the Sun ONE Application Server could make unauthorized access to credentials possible.

It has been reported that a problem exists in the method used for the storage of passwords by Sun ONE Application Server. This could lead to local users gaining unauthorized access to passwords, and potentially unauthorized access to the Sun ONE administrative server.

It should be noted that although this vulnerability has been reported to affect Sun ONE Application Server version 7.0 on Windows platforms, previous versions might also be affected.