Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
EMC RSA Authentication Agent for PAM 7.0 before 7.0.2.1 enforces the maximum number of login attempts within the PAM-enabled application codebase, instead of within the Agent codebase, which makes it easier for remote attackers to discover correct login credentials via a brute-force attack.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
EMC RSA SecurID Authentication Agents for PAM 安全绕过漏洞
Vulnerability Description
RSA SecurID Authentication Agents for PAM是美国易安信(EMC)公司的一个在UNIX及Linux平台上使用的可插入式身份验证模块。该模块集成了多种身份验证技术,如Kerberos、RSA、智能卡和DCE等。 EMC RSA Authentication Agent for PAM 7.0.2.1之前的7.0版本中存在安全漏洞,该漏洞源于PAM-enabled应用程序代码库中设置登录尝试的最大数量,应该设置在Agent代码库。远程攻击者可通过暴力破解攻击利用该漏洞发现
CVSS Information
N/A
Vulnerability Type
N/A