Sun JS Access Manager And OpenSSO Information Disclosure vulnerability

Summary
The host is running Access Manager or OpenSSO and is prone to information disclosure vulnerability.
Impact
Successful exploitation could allow remote unprivileged user to gain the sensitive information. Impact Level: System/Application
Solution
Apply the security updates. http://sunsolve.sun.com/search/document.do?assetkey=1-21-119465-16-1 ***** NOTE: Ignore this warning if above mentioned patch is already applied. *****
Insight
Error exists when 'AMConfig.properties' enables the debug flag, allows local users to discover cleartext passwords by reading debug files.
Affected
Sun OpenSSO Enterprise version 8.0 Java System Access Manager version 6.3 2005Q1 or 7.0 2005Q4 or 7.1
References