CVE-2003-0414

Name of the Vulnerable Software and Affected Versions: Sun ONE Application Server version 7.0

Description: The issue allows local users to gain privileges by reading a plaintext password in a statefile created during the installation of the software. This occurs because the statefile has world-readable permissions.

Recommendations: For Sun ONE Application Server version 7.0, consider changing the permissions of the statefile to prevent unauthorized access until a patch is available. As a temporary workaround, restrict access to the statefile to minimize the risk of exploitation.