2 matches found
Security Bulletin: Authd service in the IBM Verify Gateway PAM components is vulnerable to denial of service attack (CVE-2020-4399)
Summary The IBM Verify Gateway IVG Authd service listens on TCP port 12. It's possible to mount a denial of service attack by sending malformed requests to port 12, thereby crashing the service. As of v1.0.1 of IVG for AIX PAM, and v1.0.2 of IVG for Linux PAM, the Authd service is not used. The P...
CVE-2020-4399
Summary of CVE-2020-4399 (IBM Verify Gateway PAM) : The vulnerability affects IBM Verify Gateway (IVG) PAM components (AIX PAM v1.0.1 and Linux PAM v1.0.2 as the fixed versions). The issue stems from the Authd service, which listens on TCP port 12 and could be abused by an authenticated user to s...