Detections
Analytics

Sun Java System Identity Manager Account Disclosure

medium Nessus Plugin ID 38198

Language:

Synopsis

The remote host is running a web application with information disclosure vulnerabilities.

Description

The version of Sun Java System Identity Manager running on the remote host has the following account enumeration vulnerabilities :

- The error message for a failed login attempt is different, depending on whether or not a valid username was given.

- Requesting IDMROOT/questionLogin.jsp?accountId=USERNAME results in different results, depending on whether USERNAME is valid.

A remote attacker could use these to enumerate valid usernames, which could be used to mount further attacks.

There are also other issues known to be associated with this version of Identity Manager that Nessus has not tested for. Refer to Sun Security Alert #253267 for more information.

Solution

The vendor has made a patch available. It fixes other unrelated vulnerabilities, but only partially addresses this issue. At this time, there is no known comprehensive solution.

See Also

http://blogs.sun.com/security/entry/sun_alert_253267_sun_java

https://download.oracle.com/sunalerts/1020159.1.html

Plugin Details

Severity: Medium

ID: 38198

File Name: sun_idm_acct_disclosure.nasl

Version: 1.19

Type: remote

Family: CGI abuses

Published: 4/28/2009

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.0

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

CPE: cpe:/a:sun:java_system_identity_manager

Exploit Ease: No exploit is required

Patch Publication Date: 3/19/2009

Reference Information

CVE: CVE-2009-1075, CVE-2009-1076

BID: 34191

CWE: 200, 255

SECUNIA: 34380