Note: This is an archival copy of Security Sun Alert 200814 as previously published on http://sunsolve.sun.com.|
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1000613.1.
Date of Resolved Release
Sun ONE Application Server may incorrectly validate user authentication ...
The Sun ONE Application Server may incorrectly validate user authentication information with LDAP.
Sun acknowledges, with thanks, Subhajit Mitra of Parametric Technology Corporation (http://www.ptc.com) for bringing this issue to our attention.
2. Contributing Factors
This issue can occur in the following releases:
Note: All supported platforms are affected. See:
There are no reliable symptoms that would show the described issues have been exploited.
There is no workaround. Please see the "Resolution" section below.
This issue is addressed in the following releases:
Windows and Solaris platform
The above releases are available for download at:
Copyright 2000-2010 Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, CA 95054 U.S.A. All rights reserved.
Sun ONE Application Server 7, Platform Edition
Sun ONE Application Server 7, Standard Edition
25-SEP-2003: Updated Impact section.
This solution has no attachment