Vulnerability Bulletins |
Perdida de información en Sun Java System Access Server |
|
Vulnerability classification |
|
| Property | Value |
| Confidence level | Oficial |
| Impact | Aumento de la visibilidad |
| Dificulty | Experto |
| Required attacker level | Acceso remoto sin cuenta a un servicio exotico |
System information |
|
| Property | Value |
| Affected manufacturer | GNU/Linux |
| Affected software | Sun Java System Access Server |
Description |
|
|
Se ha descubierto una vulnerabilidad de tipo cross site scripting en Sun Java System Access Server. La vulnerabilidad reside en un error no especificado. Un atacante remoto podría robar información de cookies, suplantar sesiones, o causar la perdida de privacidad entre un cliente y el servidor. |
|
Solution |
|
|
Actualización de software Sun Sun Java System Access Manager 7 2005Q4 (7.0) / Solaris 8 / SPARC / patch 120954-04 Sun Java System Access Manager 7 2005Q4 (7.0) / Solaris 9 / SPARC / patch 120954-04 Sun Java System Access Manager 7 2005Q4 (7.0) / Solaris 10 / SPARC / patch 120954-04 Sun Java System Access Manager 6 2005Q1 (6.3) / Solaris 8 / SPARC / patch 119465-09 Sun Java System Access Manager 6 2005Q1 (6.3) / Solaris 9 / SPARC / patch 119465-09 Sun Java System Access Manager 6 2005Q1 (6.3) / Solaris 10 / SPARC / patch 119465-09 Sun Java System Access Manager 6.2 / Solaris 8 / SPARC / patch 115766-13 Sun Java System Access Manager 6.2 / Solaris 9 / SPARC / patch 115766-13 Sun Java System Access Manager 6.1 / Solaris 8 / SPARC / patch 117586-21 Sun Java System Access Manager 6.1 / Solaris 9 / SPARC / patch 117586-21 Sun Java System Access Manager 7 2005Q4 (7.0) / Solaris 9 / x86 / patch 120955-04 Sun Java System Access Manager 7 2005Q4 (7.0) / Solaris 10 / x86 / patch 120955-04 Sun Java System Access Manager 6 2005Q1 (6.3) / Solaris 8 / x86 / patch 119465-09 Sun Java System Access Manager 6 2005Q1 (6.3) / Solaris 9 / x86 / patch 119465-09 Sun Java System Access Manager 6 2005Q1 (6.3) / Solaris 10 / x86 / patch 119465-09 Sun Java System Access Manager 6.2 / Solaris 8 / x86 / patch 120091-13 Sun Java System Access Manager 6.2 / Solaris 9 / x86 / patch 120091-13 Sun Java System Access Manager 7 2005Q4 (7.0) / Linux / patch 120956-04 Sun Java System Access Manager 6 2005Q1 (6.3) / Linux / patch 119502-09 Sun Java System Access Manager 6.2 / Linux / patch 119409-13 http://sunsolve.sun.com/pub-cgi/show.pl?target=patchpage |
|
Standar resources |
|
| Property | Value |
| CVE | |
| BID | |
Other resources |
|
|
Sun Alert Notification (102621) http://sunsolve.sun.com/search/document.do?assetkey=1-26-102621-1 |
|
Version history |
||
| Version | Comments | Date |
| 1.0 | Aviso emitido por Sun (102621) | 2007-01-31 |
| 1.1 | Aviso actualizado por Sun (102621) | 2007-02-28 |