Oracle Single Sign-On Login Page Authentication Credential Disclosure Vulnerability
BID:10009
Info
Oracle Single Sign-On Login Page Authentication Credential Disclosure Vulnerability
| Bugtraq ID: | 10009 |
| Class: | Design Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 30 2004 12:00AM |
| Updated: | Mar 30 2004 12:00AM |
| Credit: | Discovery is credited to Madison Gurkha <http://www.madison-gurkha.com/>. |
| Vulnerable: |
Oracle Single Sign-On |
| Not Vulnerable: | |
Discussion
Oracle Single Sign-On Login Page Authentication Credential Disclosure Vulnerability
It has been reported that Oracle Single Sign-On login form is prone to an authentication credential disclosure vulnerability that that may allow remote attackers to disclose authentication credentials such as username and passwords of vulnerable users.
Due to a lack to details further information cannot be provided at the moment. This BID will be updated as more information becomes available.
It has been reported that Oracle Single Sign-On login form is prone to an authentication credential disclosure vulnerability that that may allow remote attackers to disclose authentication credentials such as username and passwords of vulnerable users.
Due to a lack to details further information cannot be provided at the moment. This BID will be updated as more information becomes available.
Exploit / POC
Oracle Single Sign-On Login Page Authentication Credential Disclosure Vulnerability
No exploit is required to leverage this issue.
No exploit is required to leverage this issue.
Solution / Fix
Oracle Single Sign-On Login Page Authentication Credential Disclosure Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
Oracle Single Sign-On Login Page Authentication Credential Disclosure Vulnerability
References:
References: