Apache Geronimo SQLLoginModule Authentication Bypass Vulnerability

Apache Geronimo SQLLoginModule Authentication Bypass Vulnerability

References:

GERONIMO-3543: SQLLoginModule successfully authenticates non-existent users (Apache Software Foundation)
IBM 1286105 - SQLLoginModule security vulnerability in WebSphere Application Ser (IBM)

Privacy Statement
Copyright 2010, SecurityFocus