Note: This is an archival copy of Security Sun Alert 200624 as previously published on http://sunsolve.sun.com.
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1000486.1.
Article ID : 1000486.1
Article Type : Sun Alerts (SURE)
Last reviewed : 2007-03-22
Audience : PUBLIC
Copyright Notice: Copyright © 2010, Oracle Corporation and/or its affiliates.

Security Vulnerability in Sun Java System Access Manager May Allow Administrator Access to Users Logged in As Root

Category
Security

Release Phase
Resolved

Product
Sun Java System Access Manager 7 2005Q4

Bug Id
6356879

Date of Resolved Release
01-FEB-2006

Impact

A local user logged in as "root" on a system with Sun Java System Access Manager may be able to use the "amadmin" CLI tool to administer the Access Manager installation with the privileges of the top-level administrator (regardless of the credentials originally used to login to the Access Manager server). Access Manager security is compromised.


Contributing Factors

This issue can occur in the following releases:

SPARC Platform

  • Sun Java System Access Manager 7.0 (for Solaris 8, 9 and 10) without patch 120954-01

x86 Platform

  • Sun Java System Access Manager 7.0 (for Solaris 9 and 10) without patch 120955-01

LINUX Platform

  • Sun Java System Access Manager 7.0 without patch 120956-01

Windows Platform

  • Sun Java System Access Manager 7.0 without patch 124296-05

Notes:

  1. Sun Java System Access Manager versions previous to 7.0 are not affected by this issue.
  2. Sun Java System 7.0 is not supported on Solaris 8 for x86.

To determine if Sun Java System Access Manager is installed on a system, the following command can be run:

    % pkginfo -l SUNWamsvc
      PKGINST:  SUNWamsvc
     NAME:  Sun Java System Access Manager Services
   CATEGORY:  application
   ARCH:  all
   VERSION:  7.0,REV=05.08.10.09.17

To determine the version of Sun Java System Access Manager on a system, the "amadmin" command can be run from the directory in which Access Manager was installed, as in the following example:

    # <access-manager-install-dir>/bin/amadmin --version
    Sun Java System Access Manager 7 2005Q4

Symptoms

Sun Java System Access Manager may not function properly and/or product configuration and user data may be stolen or compromised.


Workaround

There is no workaround to this issue. Please see the Resolution section below.


Resolution

This issue is addressed in the following releases:

SPARC Platform

  • Sun Java System Access Manager 7.0 (for Solaris 8, 9 and 10) with patch 120954-01 or later

x86 Platform

  • Sun Java System Access Manager 7.0 (for Solaris 9 and 10) with patch 120955-01 or later

LINUX Platform

  • Sun Java System Access Manager 7.0 with patch 120956-01 or later

Windows Platform

  • Sun Java System Access Manager 7.0 with patch 124296-05 or later


Modification History
Date: 23-MAR-2007
  • Updated Contributing Factors and Resolution sections


References

120954-01
120955-01
120956-01
124296-05




Attachments
This solution has no attachment