Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2009-5066

twiddle.sh in JBoss AS 5.0 and EAP 5.0 and earlier accepts credentials as command-line arguments, which allows local users to read the credentials by listing the process and its arguments.

See the

CVE page on Mitre.org for more details.

References

MISC: http://objectopia.com/...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://rhn.redhat.com/...
MISC: http://rhn.redhat.com/...
MISC: http://rhn.redhat.com/...
MISC: http://rhn.redhat.com/...
MISC: http://rhn.redhat.com/...
MISC: http://rhn.redhat.com/...
MISC: http://rhn.redhat.com/...
MISC: http://rhn.redhat.com/...
MISC: http://rhn.redhat.com/...
MISC: http://rhn.redhat.com/...
MISC: http://www.openwall.co...
MISC: http://www.openwall.co...
MISC: https://issues.jboss.o...

Launchpad.net

CVE 2009-5066

Related bugs

References