1. CVE-Search
  2. CVE-2006-0531
ID CVE-2006-0531
Summary Unspecified vulnerability in Sun Java System Access Manager 7.0 allows local users logged in as "root" to bypass authentication and gain top-level administrator privileges via the amadmin CLI tool.
References
Vulnerable Configurations
  • cpe:2.3:a:sun:java_system_access_manager:7.0:*:linux:*:*:*:*:*
    cpe:2.3:a:sun:java_system_access_manager:7.0:*:linux:*:*:*:*:*
  • cpe:2.3:a:sun:java_system_access_manager:7.0:*:solaris_s:*:*:*:*:*
    cpe:2.3:a:sun:java_system_access_manager:7.0:*:solaris_s:*:*:*:*:*
  • cpe:2.3:a:sun:java_system_access_manager:7.0:*:solaris_x:*:*:*:*:*
    cpe:2.3:a:sun:java_system_access_manager:7.0:*:solaris_x:*:*:*:*:*
CVSS
Base: 7.2 (as of 11-10-2017 - 01:30)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:L/Au:N/C:C/I:C/A:C
oval via4
  • accepted 2007-03-21T16:17:17.664-04:00
    class vulnerability
    contributors
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Nabil Ouchn
      organization Security-Database
    description Unspecified vulnerability in Sun Java System Access Manager 7.0 allows local users logged in as "root" to bypass authentication and gain top-level administrator privileges via the amadmin CLI tool.
    family unix
    id oval:org.mitre.oval:def:360
    status accepted
    submitted 2006-09-22T05:52:00.000-04:00
    title Sun Java System Access Manager Local Authentication Bypass Vulnerability
    version 37
  • accepted 2007-03-21T16:17:26.994-04:00
    class vulnerability
    contributors
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Nabil Ouchn
      organization Security-Database
    description Unspecified vulnerability in Sun Java System Access Manager 7.0 allows local users logged in as "root" to bypass authentication and gain top-level administrator privileges via the amadmin CLI tool.
    family unix
    id oval:org.mitre.oval:def:755
    status accepted
    submitted 2006-09-22T05:52:00.000-04:00
    title Sun Java System Access Manager Local Authentication Bypass Vulnerability
    version 37
refmap via4
bid 16474
sectrack 1015567
secunia 18699
sunalert 102140
vupen ADV-2006-0430
xf sun-jsam-admin-access(24423)
Last major update 11-10-2017 - 01:30
Published 04-02-2006 - 00:06
Last modified 11-10-2017 - 01:30
Back to Top