• info
• discussion
• exploit
• solution
• references

Apache Geronimo SQLLoginModule Authentication Bypass Vulnerability

Solution:
The vendor released a patch to address this issue. Please see the references for more information.


Apache Geronimo 2.0

• Apache GERONIMO-3543.patch
  https://issues.apache.org/jira/secure/attachment/12368114/GERONIMO-354 3.patch

Apache Geronimo 2.1

• Apache GERONIMO-3543.patch
  https://issues.apache.org/jira/secure/attachment/12368114/GERONIMO-354 3.patch

Apache Geronimo 2.0.1

• Apache GERONIMO-3543.patch
  https://issues.apache.org/jira/secure/attachment/12368114/GERONIMO-354 3.patch

Apache Geronimo 2.0.2

• Apache GERONIMO-3543.patch
  https://issues.apache.org/jira/secure/attachment/12368114/GERONIMO-354 3.patch