Sun Sun Ray Server Software 3.x and 4.0 and Sun Ray Windows Connector 1.1 and 2.0 expose the LDAP password during a configuration step, which allows local users to discover the Sun Ray administration password, and obtain admin access to the Data Store and Administration GUI, via unspecified vectors related to the utconfig component of the Server Software and the uttscadm component of the Windows Connector.
References
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
History
21 Nov 2024, 00:54
Type | Values Removed | Values Added |
---|---|---|
References | () http://secunia.com/advisories/33108 - | |
References | () http://secunia.com/advisories/33119 - | |
References | () http://securitytracker.com/id?1021379 - | |
References | () http://sunsolve.sun.com/search/document.do?assetkey=1-21-127553-04-1 - Patch | |
References | () http://sunsolve.sun.com/search/document.do?assetkey=1-21-127556-03-1 - Patch, Vendor Advisory | |
References | () http://sunsolve.sun.com/search/document.do?assetkey=1-26-240506-1 - Patch | |
References | () http://support.avaya.com/elmodocs2/security/ASA-2008-500.htm - | |
References | () http://www.securityfocus.com/bid/32772 - | |
References | () http://www.vupen.com/english/advisories/2008/3406 - | |
References | () http://www.vupen.com/english/advisories/2008/3407 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/47258 - |
Information
Published : 2008-12-11 15:30
Updated : 2024-11-21 00:54
NVD link : CVE-2008-5423
Mitre link : CVE-2008-5423
CVE.ORG link : CVE-2008-5423
JSON object : View
Products Affected
sun
- ray_windows_connector
- ray_server_software
- java_desktop_system
- solaris
redhat
- enterprise_linux
novell
- suse_linux_enterprise_server
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor