Vulnerabilities > CVE-2003-0414 - Unspecified vulnerability in SUN ONE Application Server 7.0
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
The installation of Sun ONE Application Server 7.0 for Windows 2000/XP creates a statefile with world-readable permissions, which allows local users to gain privileges by reading a plaintext password in the statefile.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
References
- http://marc.info/?l=bugtraq&m=105409846029475&w=2
- http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F55221&zone_32=category%3Asecurity
- http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000610.1-1
- http://www.ciac.org/ciac/bulletins/n-103.shtml
- http://www.iss.net/security_center/static/12096.php
- http://www.securityfocus.com/bid/7712
- http://www.spidynamics.com/sunone_alert.html