ID DEBIAN:DSA-2156-1:2AAFE Type debian Reporter Debian Modified 2011-01-31T11:22:34
Description
Debian Security Advisory DSA-2156-1 security@debian.org
http://www.debian.org/security/ Steve Kemp
January 31, 2011 http://www.debian.org/security/faq
Package : pcscd
Vulnerability : buffer overflow
Problem type : local
Debian-specific: no
CVE ID : CVE-2010-4531
MWR InfoSecurity identified a buffer overflow in pcscd, middleware
to access a smart card via PC/SC, which could lead to the execution
of arbitrary code.
For the stable distribution (lenny), this problem has been fixed in
version 1.4.102-1+lenny4.
For the testing distribution (squeeze), this problem has been fixed in
version 1.5.5-4.
For the unstable distribution (sid), this problem has been fixed in
version 1.5.5-4.
We recommend that you upgrade your pcscd packages.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/
{"id": "DEBIAN:DSA-2156-1:2AAFE", "bulletinFamily": "unix", "title": "[SECURITY] [DSA-2156-1] pcscd security update", "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-2156-1 security@debian.org\nhttp://www.debian.org/security/ Steve Kemp\nJanuary 31, 2011 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : pcscd\nVulnerability : buffer overflow\nProblem type : local\nDebian-specific: no\nCVE ID : CVE-2010-4531\n\nMWR InfoSecurity identified a buffer overflow in pcscd, middleware\nto access a smart card via PC/SC, which could lead to the execution\nof arbitrary code.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 1.4.102-1+lenny4.\n\nFor the testing distribution (squeeze), this problem has been fixed in\nversion 1.5.5-4.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.5.5-4.\n\nWe recommend that you upgrade your pcscd packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n\n\n", "published": "2011-01-31T11:22:34", "modified": "2011-01-31T11:22:34", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}, "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2011/msg00021.html", "reporter": "Debian", "references": [], "cvelist": ["CVE-2010-4531"], "type": "debian", "lastseen": "2020-11-11T13:21:36", "edition": 9, "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2010-4531"]}, {"type": "ubuntu", "idList": ["USN-1125-1"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310831312", "OPENVAS:1361412562310862788", "OPENVAS:862788", "OPENVAS:862787", "OPENVAS:831312", "OPENVAS:870910", "OPENVAS:1361412562310870910", "OPENVAS:1361412562310840649", "OPENVAS:840649", "OPENVAS:881634"]}, {"type": "oraclelinux", "idList": ["ELSA-2013-0525"]}, {"type": "nessus", "idList": ["FEDORA_2011-0123.NASL", "FEDORA_2011-0164.NASL", "CENTOS_RHSA-2013-0525.NASL", "SUSE_PCSC-LITE-7298.NASL", "REDHAT-RHSA-2013-0525.NASL", "GENTOO_GLSA-201401-17.NASL", "DEBIAN_DSA-2156.NASL", "MANDRIVA_MDVSA-2011-015.NASL", "SL_20130221_PCSC_LITE_ON_SL6_X.NASL", "ORACLELINUX_ELSA-2013-0525.NASL"]}, {"type": "centos", "idList": ["CESA-2013:0525"]}, {"type": "redhat", "idList": ["RHSA-2013:0525"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:25533", "SECURITYVULNS:VULN:11364"]}, {"type": "gentoo", "idList": ["GLSA-201401-17"]}], "modified": "2020-11-11T13:21:36", "rev": 2}, "score": {"value": 6.7, "vector": "NONE", "modified": "2020-11-11T13:21:36", "rev": 2}, "vulnersScore": 6.7}, "affectedPackage": [{"OS": "Debian", "OSVersion": "5", "arch": "all", "operator": "lt", "packageFilename": "pcsc-lite_1.4.102-1+lenny4_all.deb", "packageName": "pcsc-lite", "packageVersion": "1.4.102-1+lenny4"}], "scheme": null}
{"cve": [{"lastseen": "2020-10-03T11:57:31", "description": "Stack-based buffer overflow in the ATRDecodeAtr function in the Answer-to-Reset (ATR) Handler (atrhandler.c) for pcscd in PCSC-Lite 1.5.3, and possibly other 1.5.x and 1.6.x versions, allows physically proximate attackers to cause a denial of service (crash) and possibly execute arbitrary code via a smart card with an ATR message containing a long attribute value.", "edition": 3, "cvss3": {}, "published": "2011-01-18T18:03:00", "title": "CVE-2010-4531", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.4, "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-4531"], "modified": "2011-02-05T07:00:00", "cpe": ["cpe:/a:muscle:pcsc-lite:1.5.3"], "id": "CVE-2010-4531", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4531", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:muscle:pcsc-lite:1.5.3:*:*:*:*:*:*:*"]}], "ubuntu": [{"lastseen": "2020-07-09T00:33:44", "bulletinFamily": "unix", "cvelist": ["CVE-2010-4531"], "description": "Rafael Dominguez Vega discovered that PCSC-Lite incorrectly handled smart \ncards with malformed ATR messages. An attacker having physical access \ncould exploit this with a special smart card and cause a denial of service \nor execute arbitrary code.", "edition": 5, "modified": "2011-04-27T00:00:00", "published": "2011-04-27T00:00:00", "id": "USN-1125-1", "href": "https://ubuntu.com/security/notices/USN-1125-1", "title": "PCSC-Lite vulnerability", "type": "ubuntu", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2017-07-24T12:55:40", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4531"], "description": "Check for the Version of pcsc-lite", "modified": "2017-07-06T00:00:00", "published": "2011-01-21T00:00:00", "id": "OPENVAS:831312", "href": "http://plugins.openvas.org/nasl.php?oid=831312", "type": "openvas", "title": "Mandriva Update for pcsc-lite MDVSA-2011:015 (pcsc-lite)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for pcsc-lite MDVSA-2011:015 (pcsc-lite)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability has been found and corrected in pcsc-lite:\n\n Stack-based buffer overflow in the ATRDecodeAtr function in the\n Answer-to-Reset (ATR) Handler (atrhandler.c) for pcscd in PCSC-Lite\n 1.5.3, and possibly other 1.5.x and 1.6.x versions, allows physically\n proximate attackers to cause a denial of service (crash) and possibly\n execute arbitrary code via a smart card with an ATR message containing\n a long attribute value (CVE-2010-4531).\n \n Packages for 2009.0 are provided as of the Extended Maintenance\n Program. Please visit this link to learn more:\n http://store.mandriva.com/product_info.php?cPath=149&amp;products_id=490\n \n The updated packages have been patched to correct this issue.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"pcsc-lite on Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2011-01/msg00018.php\");\n script_id(831312);\n script_version(\"$Revision: 6570 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:06:35 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-21 14:59:01 +0100 (Fri, 21 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"MDVSA\", value: \"2011:015\");\n script_cve_id(\"CVE-2010-4531\");\n script_name(\"Mandriva Update for pcsc-lite MDVSA-2011:015 (pcsc-lite)\");\n\n script_summary(\"Check for the Version of pcsc-lite\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"libpcsclite1\", rpm:\"libpcsclite1~1.4.102~1.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpcsclite-devel\", rpm:\"libpcsclite-devel~1.4.102~1.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpcsclite-static-devel\", rpm:\"libpcsclite-static-devel~1.4.102~1.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"pcsc-lite\", rpm:\"pcsc-lite~1.4.102~1.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64pcsclite1\", rpm:\"lib64pcsclite1~1.4.102~1.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64pcsclite-devel\", rpm:\"lib64pcsclite-devel~1.4.102~1.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64pcsclite-static-devel\", rpm:\"lib64pcsclite-static-devel~1.4.102~1.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libpcsclite1\", rpm:\"libpcsclite1~1.5.5~2.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpcsclite-devel\", rpm:\"libpcsclite-devel~1.5.5~2.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpcsclite-static-devel\", rpm:\"libpcsclite-static-devel~1.5.5~2.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"pcsc-lite\", rpm:\"pcsc-lite~1.5.5~2.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64pcsclite1\", rpm:\"lib64pcsclite1~1.5.5~2.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64pcsclite-devel\", rpm:\"lib64pcsclite-devel~1.5.5~2.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64pcsclite-static-devel\", rpm:\"lib64pcsclite-static-devel~1.5.5~2.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libpcsclite1\", rpm:\"libpcsclite1~1.5.5~1.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpcsclite-devel\", rpm:\"libpcsclite-devel~1.5.5~1.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpcsclite-static-devel\", rpm:\"libpcsclite-static-devel~1.5.5~1.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"pcsc-lite\", rpm:\"pcsc-lite~1.5.5~1.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64pcsclite1\", rpm:\"lib64pcsclite1~1.5.5~1.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64pcsclite-devel\", rpm:\"lib64pcsclite-devel~1.5.5~1.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64pcsclite-static-devel\", rpm:\"lib64pcsclite-static-devel~1.5.5~1.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libpcsclite1\", rpm:\"libpcsclite1~1.4.102~1.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpcsclite-devel\", rpm:\"libpcsclite-devel~1.4.102~1.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpcsclite-static-devel\", rpm:\"libpcsclite-static-devel~1.4.102~1.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"pcsc-lite\", rpm:\"pcsc-lite~1.4.102~1.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64pcsclite1\", rpm:\"lib64pcsclite1~1.4.102~1.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64pcsclite-devel\", rpm:\"lib64pcsclite-devel~1.4.102~1.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64pcsclite-static-devel\", rpm:\"lib64pcsclite-static-devel~1.4.102~1.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.4, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-22T13:10:32", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4531"], "description": "Check for the Version of pcsc-lite", "modified": "2018-01-22T00:00:00", "published": "2013-02-22T00:00:00", "id": "OPENVAS:870910", "href": "http://plugins.openvas.org/nasl.php?oid=870910", "type": "openvas", "title": "RedHat Update for pcsc-lite RHSA-2013:0525-02", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for pcsc-lite RHSA-2013:0525-02\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PC/SC Lite provides a Windows SCard compatible interface for communicating\n with smart cards, smart card readers, and other security tokens.\n\n A stack-based buffer overflow flaw was found in the way pcsc-lite decoded\n certain attribute values of Answer-to-Reset (ATR) messages. A local\n attacker could use this flaw to execute arbitrary code with the privileges\n of the user running the pcscd daemon (root, by default), by inserting a\n specially-crafted smart card. (CVE-2010-4531)\n\n This update also fixes the following bugs:\n\n * Due to an error in the init script, the chkconfig utility did not\n automatically place the pcscd init script after the start of the HAL\n daemon. Consequently, the pcscd service did not start automatically at boot\n time. With this update, the pcscd init script has been changed to\n explicitly start only after HAL is up, thus fixing this bug. (BZ#788474,\n BZ#814549)\n\n * Because the chkconfig settings and the startup files in the /etc/rc.d/\n directory were not changed during the update described in the\n RHBA-2012:0990 advisory, the user had to update the chkconfig settings\n manually to fix the problem. Now, the chkconfig settings and the startup\n files in the /etc/rc.d/ directory are automatically updated as expected.\n (BZ#834803)\n\n * Previously, the SCardGetAttrib() function did not work properly and\n always returned the "SCARD_E_INSUFFICIENT_BUFFER" error regardless of the\n actual buffer size. This update applies a patch to fix this bug and the\n SCardGetAttrib() function now works as expected. (BZ#891852)\n\n All users of pcsc-lite are advised to upgrade to these updated packages,\n which fix these issues. After installing this update, the pcscd daemon will\n be restarted automatically.\";\n\n\ntag_affected = \"pcsc-lite on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2013-February/msg00063.html\");\n script_id(870910);\n script_version(\"$Revision: 8483 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-22 07:58:04 +0100 (Mon, 22 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-22 10:00:40 +0530 (Fri, 22 Feb 2013)\");\n script_cve_id(\"CVE-2010-4531\");\n script_bugtraq_id(45450);\n script_tag(name:\"cvss_base\", value:\"4.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"RHSA\", value: \"2013:0525-02\");\n script_name(\"RedHat Update for pcsc-lite RHSA-2013:0525-02\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of pcsc-lite\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"pcsc-lite\", rpm:\"pcsc-lite~1.5.2~11.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"pcsc-lite-debuginfo\", rpm:\"pcsc-lite-debuginfo~1.5.2~11.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"pcsc-lite-libs\", rpm:\"pcsc-lite-libs~1.5.2~11.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.4, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:40", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4531"], "description": "The remote host is missing an update for the ", "modified": "2018-11-16T00:00:00", "published": "2011-01-21T00:00:00", "id": "OPENVAS:1361412562310831312", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831312", "type": "openvas", "title": "Mandriva Update for pcsc-lite MDVSA-2011:015 (pcsc-lite)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for pcsc-lite MDVSA-2011:015 (pcsc-lite)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.mandriva.com/security-announce/2011-01/msg00018.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831312\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-21 14:59:01 +0100 (Fri, 21 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"MDVSA\", value:\"2011:015\");\n script_cve_id(\"CVE-2010-4531\");\n script_name(\"Mandriva Update for pcsc-lite MDVSA-2011:015 (pcsc-lite)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'pcsc-lite'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\", re:\"ssh/login/release=MNDK_(mes5|2010\\.1|2010\\.0|2009\\.0)\");\n script_tag(name:\"affected\", value:\"pcsc-lite on Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\");\n script_tag(name:\"insight\", value:\"A vulnerability has been found and corrected in pcsc-lite:\n\n Stack-based buffer overflow in the ATRDecodeAtr function in the\n Answer-to-Reset (ATR) Handler (atrhandler.c) for pcscd in PCSC-Lite\n 1.5.3, and possibly other 1.5.x and 1.6.x versions, allows physically\n proximate attackers to cause a denial of service (crash) and possibly\n execute arbitrary code via a smart card with an ATR message containing\n a long attribute value (CVE-2010-4531).\n\n Packages for 2009.0 are provided as of the Extended Maintenance\n Program. The updated packages have been patched to correct this issue.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://store.mandriva.com/product_info.php?cPath=149&amp;products_id=490\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"libpcsclite1\", rpm:\"libpcsclite1~1.4.102~1.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpcsclite-devel\", rpm:\"libpcsclite-devel~1.4.102~1.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpcsclite-static-devel\", rpm:\"libpcsclite-static-devel~1.4.102~1.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"pcsc-lite\", rpm:\"pcsc-lite~1.4.102~1.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64pcsclite1\", rpm:\"lib64pcsclite1~1.4.102~1.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64pcsclite-devel\", rpm:\"lib64pcsclite-devel~1.4.102~1.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64pcsclite-static-devel\", rpm:\"lib64pcsclite-static-devel~1.4.102~1.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libpcsclite1\", rpm:\"libpcsclite1~1.5.5~2.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpcsclite-devel\", rpm:\"libpcsclite-devel~1.5.5~2.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpcsclite-static-devel\", rpm:\"libpcsclite-static-devel~1.5.5~2.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"pcsc-lite\", rpm:\"pcsc-lite~1.5.5~2.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64pcsclite1\", rpm:\"lib64pcsclite1~1.5.5~2.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64pcsclite-devel\", rpm:\"lib64pcsclite-devel~1.5.5~2.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64pcsclite-static-devel\", rpm:\"lib64pcsclite-static-devel~1.5.5~2.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libpcsclite1\", rpm:\"libpcsclite1~1.5.5~1.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpcsclite-devel\", rpm:\"libpcsclite-devel~1.5.5~1.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpcsclite-static-devel\", rpm:\"libpcsclite-static-devel~1.5.5~1.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"pcsc-lite\", rpm:\"pcsc-lite~1.5.5~1.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64pcsclite1\", rpm:\"lib64pcsclite1~1.5.5~1.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64pcsclite-devel\", rpm:\"lib64pcsclite-devel~1.5.5~1.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64pcsclite-static-devel\", rpm:\"lib64pcsclite-static-devel~1.5.5~1.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libpcsclite1\", rpm:\"libpcsclite1~1.4.102~1.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpcsclite-devel\", rpm:\"libpcsclite-devel~1.4.102~1.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpcsclite-static-devel\", rpm:\"libpcsclite-static-devel~1.4.102~1.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"pcsc-lite\", rpm:\"pcsc-lite~1.4.102~1.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64pcsclite1\", rpm:\"lib64pcsclite1~1.4.102~1.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64pcsclite-devel\", rpm:\"lib64pcsclite-devel~1.4.102~1.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64pcsclite-static-devel\", rpm:\"lib64pcsclite-static-devel~1.4.102~1.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-22T13:10:18", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4531"], "description": "Check for the Version of pcsc-lite", "modified": "2018-01-22T00:00:00", "published": "2013-03-12T00:00:00", "id": "OPENVAS:881634", "href": "http://plugins.openvas.org/nasl.php?oid=881634", "type": "openvas", "title": "CentOS Update for pcsc-lite CESA-2013:0525 centos6 ", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for pcsc-lite CESA-2013:0525 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PC/SC Lite provides a Windows SCard compatible interface for communicating\n with smart cards, smart card readers, and other security tokens.\n\n A stack-based buffer overflow flaw was found in the way pcsc-lite decoded\n certain attribute values of Answer-to-Reset (ATR) messages. A local\n attacker could use this flaw to execute arbitrary code with the privileges\n of the user running the pcscd daemon (root, by default), by inserting a\n specially-crafted smart card. (CVE-2010-4531)\n \n This update also fixes the following bugs:\n \n * Due to an error in the init script, the chkconfig utility did not\n automatically place the pcscd init script after the start of the HAL\n daemon. Consequently, the pcscd service did not start automatically at boot\n time. With this update, the pcscd init script has been changed to\n explicitly start only after HAL is up, thus fixing this bug. (BZ#788474,\n BZ#814549)\n \n * Because the chkconfig settings and the startup files in the /etc/rc.d/\n directory were not changed during the update described in the\n RHBA-2012:0990 advisory, the user had to update the chkconfig settings\n manually to fix the problem. Now, the chkconfig settings and the startup\n files in the /etc/rc.d/ directory are automatically updated as expected.\n (BZ#834803)\n \n * Previously, the SCardGetAttrib() function did not work properly and\n always returned the "SCARD_E_INSUFFICIENT_BUFFER" error regardless of the\n actual buffer size. This update applies a patch to fix this bug and the\n SCardGetAttrib() function now works as expected. (BZ#891852)\n \n All users of pcsc-lite are advised to upgrade to these updated packages,\n which fix these issues. After installing this update, the pcscd daemon will\n be restarted automatically.\";\n\n\ntag_affected = \"pcsc-lite on CentOS 6\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2013-March/019466.html\");\n script_id(881634);\n script_version(\"$Revision: 8483 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-22 07:58:04 +0100 (Mon, 22 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-12 09:58:55 +0530 (Tue, 12 Mar 2013)\");\n script_cve_id(\"CVE-2010-4531\");\n script_tag(name:\"cvss_base\", value:\"4.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2013:0525\");\n script_name(\"CentOS Update for pcsc-lite CESA-2013:0525 centos6 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of pcsc-lite\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"pcsc-lite\", rpm:\"pcsc-lite~1.5.2~11.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"pcsc-lite-devel\", rpm:\"pcsc-lite-devel~1.5.2~11.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"pcsc-lite-doc\", rpm:\"pcsc-lite-doc~1.5.2~11.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"pcsc-lite-libs\", rpm:\"pcsc-lite-libs~1.5.2~11.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.4, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:36:39", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4531"], "description": "Oracle Linux Local Security Checks ELSA-2013-0525", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123717", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123717", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2013-0525", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2013-0525.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123717\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:07:36 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2013-0525\");\n script_tag(name:\"insight\", value:\"ELSA-2013-0525 - pcsc-lite security and bug fix update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2013-0525\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2013-0525.html\");\n script_cve_id(\"CVE-2010-4531\");\n script_tag(name:\"cvss_base\", value:\"4.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"pcsc-lite\", rpm:\"pcsc-lite~1.5.2~11.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"pcsc-lite-devel\", rpm:\"pcsc-lite-devel~1.5.2~11.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"pcsc-lite-doc\", rpm:\"pcsc-lite-doc~1.5.2~11.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"pcsc-lite-libs\", rpm:\"pcsc-lite-libs~1.5.2~11.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:19", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4531"], "description": "The remote host is missing an update for the ", "modified": "2019-03-12T00:00:00", "published": "2013-02-22T00:00:00", "id": "OPENVAS:1361412562310870910", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870910", "type": "openvas", "title": "RedHat Update for pcsc-lite RHSA-2013:0525-02", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for pcsc-lite RHSA-2013:0525-02\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2013-February/msg00063.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870910\");\n script_version(\"$Revision: 14114 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-12 12:48:52 +0100 (Tue, 12 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-22 10:00:40 +0530 (Fri, 22 Feb 2013)\");\n script_cve_id(\"CVE-2010-4531\");\n script_bugtraq_id(45450);\n script_tag(name:\"cvss_base\", value:\"4.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"RHSA\", value:\"2013:0525-02\");\n script_name(\"RedHat Update for pcsc-lite RHSA-2013:0525-02\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'pcsc-lite'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n script_tag(name:\"affected\", value:\"pcsc-lite on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"PC/SC Lite provides a Windows SCard compatible interface for communicating\n with smart cards, smart card readers, and other security tokens.\n\n A stack-based buffer overflow flaw was found in the way pcsc-lite decoded\n certain attribute values of Answer-to-Reset (ATR) messages. A local\n attacker could use this flaw to execute arbitrary code with the privileges\n of the user running the pcscd daemon (root, by default), by inserting a\n specially-crafted smart card. (CVE-2010-4531)\n\n This update also fixes the following bugs:\n\n * Due to an error in the init script, the chkconfig utility did not\n automatically place the pcscd init script after the start of the HAL\n daemon. Consequently, the pcscd service did not start automatically at boot\n time. With this update, the pcscd init script has been changed to\n explicitly start only after HAL is up, thus fixing this bug. (BZ#788474,\n BZ#814549)\n\n * Because the chkconfig settings and the startup files in the /etc/rc.d/\n directory were not changed during the update described in the\n RHBA-2012:0990 advisory, the user had to update the chkconfig settings\n manually to fix the problem. Now, the chkconfig settings and the startup\n files in the /etc/rc.d/ directory are automatically updated as expected.\n (BZ#834803)\n\n * Previously, the SCardGetAttrib() function did not work properly and\n always returned the 'SCARD_E_INSUFFICIENT_BUFFER' error regardless of the\n actual buffer size. This update applies a patch to fix this bug and the\n SCardGetAttrib() function now works as expected. (BZ#891852)\n\n All users of pcsc-lite are advised to upgrade to these updated packages,\n which fix these issues. After installing this update, the pcscd daemon will\n be restarted automatically.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"pcsc-lite\", rpm:\"pcsc-lite~1.5.2~11.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"pcsc-lite-debuginfo\", rpm:\"pcsc-lite-debuginfo~1.5.2~11.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"pcsc-lite-libs\", rpm:\"pcsc-lite-libs~1.5.2~11.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:22", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4531"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2013-03-12T00:00:00", "id": "OPENVAS:1361412562310881634", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881634", "type": "openvas", "title": "CentOS Update for pcsc-lite CESA-2013:0525 centos6", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for pcsc-lite CESA-2013:0525 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2013-March/019466.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881634\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-12 09:58:55 +0530 (Tue, 12 Mar 2013)\");\n script_cve_id(\"CVE-2010-4531\");\n script_tag(name:\"cvss_base\", value:\"4.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"CESA\", value:\"2013:0525\");\n script_name(\"CentOS Update for pcsc-lite CESA-2013:0525 centos6\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'pcsc-lite'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n script_tag(name:\"affected\", value:\"pcsc-lite on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"PC/SC Lite provides a Windows SCard compatible interface for communicating\n with smart cards, smart card readers, and other security tokens.\n\n A stack-based buffer overflow flaw was found in the way pcsc-lite decoded\n certain attribute values of Answer-to-Reset (ATR) messages. A local\n attacker could use this flaw to execute arbitrary code with the privileges\n of the user running the pcscd daemon (root, by default), by inserting a\n specially-crafted smart card. (CVE-2010-4531)\n\n This update also fixes the following bugs:\n\n * Due to an error in the init script, the chkconfig utility did not\n automatically place the pcscd init script after the start of the HAL\n daemon. Consequently, the pcscd service did not start automatically at boot\n time. With this update, the pcscd init script has been changed to\n explicitly start only after HAL is up, thus fixing this bug. (BZ#788474,\n BZ#814549)\n\n * Because the chkconfig settings and the startup files in the /etc/rc.d/\n directory were not changed during the update described in the\n RHBA-2012:0990 advisory, the user had to update the chkconfig settings\n manually to fix the problem. Now, the chkconfig settings and the startup\n files in the /etc/rc.d/ directory are automatically updated as expected.\n (BZ#834803)\n\n * Previously, the SCardGetAttrib() function did not work properly and\n always returned the 'SCARD_E_INSUFFICIENT_BUFFER' error regardless of the\n actual buffer size. This update applies a patch to fix this bug and the\n SCardGetAttrib() function now works as expected. (BZ#891852)\n\n All users of pcsc-lite are advised to upgrade to these updated packages,\n which fix these issues. After installing this update, the pcscd daemon will\n be restarted automatically.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"pcsc-lite\", rpm:\"pcsc-lite~1.5.2~11.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"pcsc-lite-devel\", rpm:\"pcsc-lite-devel~1.5.2~11.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"pcsc-lite-doc\", rpm:\"pcsc-lite-doc~1.5.2~11.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"pcsc-lite-libs\", rpm:\"pcsc-lite-libs~1.5.2~11.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:39:42", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4531"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2011-01-14T00:00:00", "id": "OPENVAS:1361412562310862788", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862788", "type": "openvas", "title": "Fedora Update for pcsc-lite FEDORA-2011-0123", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for pcsc-lite FEDORA-2011-0123\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053095.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862788\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-14 16:07:43 +0100 (Fri, 14 Jan 2011)\");\n script_xref(name:\"FEDORA\", value:\"2011-0123\");\n script_tag(name:\"cvss_base\", value:\"4.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2010-4531\");\n script_name(\"Fedora Update for pcsc-lite FEDORA-2011-0123\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'pcsc-lite'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC13\");\n script_tag(name:\"affected\", value:\"pcsc-lite on Fedora 13\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"pcsc-lite\", rpm:\"pcsc-lite~1.5.5~5.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:39:39", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4531"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1125-1", "modified": "2019-03-13T00:00:00", "published": "2011-05-10T00:00:00", "id": "OPENVAS:1361412562310840649", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840649", "type": "openvas", "title": "Ubuntu Update for pcsc-lite USN-1125-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1125_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for pcsc-lite USN-1125-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1125-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840649\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-10 14:04:15 +0200 (Tue, 10 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"USN\", value:\"1125-1\");\n script_cve_id(\"CVE-2010-4531\");\n script_name(\"Ubuntu Update for pcsc-lite USN-1125-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(10\\.04 LTS|9\\.10|10\\.10)\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1125-1\");\n script_tag(name:\"affected\", value:\"pcsc-lite on Ubuntu 10.10,\n Ubuntu 10.04 LTS,\n Ubuntu 9.10\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Rafael Dominguez Vega discovered that PCSC-Lite incorrectly handled smart\n cards with malformed ATR messages. An attacker having physical access\n could exploit this with a special smart card and cause a denial of service\n or execute arbitrary code.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libpcsclite1\", ver:\"1.5.3-1ubuntu4.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU9.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libpcsclite1\", ver:\"1.5.3-1ubuntu1.2\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libpcsclite1\", ver:\"1.5.5-3ubuntu2.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:39:29", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4531"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2011-01-14T00:00:00", "id": "OPENVAS:1361412562310862787", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862787", "type": "openvas", "title": "Fedora Update for pcsc-lite FEDORA-2011-0164", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for pcsc-lite FEDORA-2011-0164\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053079.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862787\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-14 16:07:43 +0100 (Fri, 14 Jan 2011)\");\n script_xref(name:\"FEDORA\", value:\"2011-0164\");\n script_tag(name:\"cvss_base\", value:\"4.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2010-4531\");\n script_name(\"Fedora Update for pcsc-lite FEDORA-2011-0164\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'pcsc-lite'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC14\");\n script_tag(name:\"affected\", value:\"pcsc-lite on Fedora 14\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"pcsc-lite\", rpm:\"pcsc-lite~1.6.4~3.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}], "centos": [{"lastseen": "2020-10-30T13:20:40", "bulletinFamily": "unix", "cvelist": ["CVE-2010-4531"], "description": "**CentOS Errata and Security Advisory** CESA-2013:0525\n\n\nPC/SC Lite provides a Windows SCard compatible interface for communicating\nwith smart cards, smart card readers, and other security tokens.\n\nA stack-based buffer overflow flaw was found in the way pcsc-lite decoded\ncertain attribute values of Answer-to-Reset (ATR) messages. A local\nattacker could use this flaw to execute arbitrary code with the privileges\nof the user running the pcscd daemon (root, by default), by inserting a\nspecially-crafted smart card. (CVE-2010-4531)\n\nThis update also fixes the following bugs:\n\n* Due to an error in the init script, the chkconfig utility did not\nautomatically place the pcscd init script after the start of the HAL\ndaemon. Consequently, the pcscd service did not start automatically at boot\ntime. With this update, the pcscd init script has been changed to\nexplicitly start only after HAL is up, thus fixing this bug. (BZ#788474,\nBZ#814549)\n\n* Because the chkconfig settings and the startup files in the /etc/rc.d/\ndirectory were not changed during the update described in the\nRHBA-2012:0990 advisory, the user had to update the chkconfig settings\nmanually to fix the problem. Now, the chkconfig settings and the startup\nfiles in the /etc/rc.d/ directory are automatically updated as expected.\n(BZ#834803)\n\n* Previously, the SCardGetAttrib() function did not work properly and\nalways returned the \"SCARD_E_INSUFFICIENT_BUFFER\" error regardless of the\nactual buffer size. This update applies a patch to fix this bug and the\nSCardGetAttrib() function now works as expected. (BZ#891852)\n\nAll users of pcsc-lite are advised to upgrade to these updated packages,\nwhich fix these issues. After installing this update, the pcscd daemon will\nbe restarted automatically.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2013-March/031504.html\nhttp://lists.centos.org/pipermail/centos-cr-announce/2013-February/006857.html\n\n**Affected packages:**\npcsc-lite\npcsc-lite-devel\npcsc-lite-doc\npcsc-lite-libs\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2013-0525.html", "edition": 7, "modified": "2013-03-09T00:42:23", "published": "2013-02-27T19:37:16", "href": "http://lists.centos.org/pipermail/centos-cr-announce/2013-February/006857.html", "id": "CESA-2013:0525", "title": "pcsc security update", "type": "centos", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:38", "bulletinFamily": "software", "cvelist": ["CVE-2010-4531"], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2011:015\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n\r\n Package : pcsc-lite\r\n Date : January 20, 2011\r\n Affected: 2009.0, 2010.0, 2010.1, Corporate 4.0, Enterprise Server 5.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n A vulnerability has been found and corrected in pcsc-lite:\r\n \r\n Stack-based buffer overflow in the ATRDecodeAtr function in the\r\n Answer-to-Reset (ATR) Handler (atrhandler.c) for pcscd in PCSC-Lite\r\n 1.5.3, and possibly other 1.5.x and 1.6.x versions, allows physically\r\n proximate attackers to cause a denial of service (crash) and possibly\r\n execute arbitrary code via a smart card with an ATR message containing\r\n a long attribute value (CVE-2010-4531).\r\n \r\n Packages for 2009.0 are provided as of the Extended Maintenance\r\n Program. Please visit this link to learn more:\r\n http://store.mandriva.com/product_info.php?cPath=149&amp;products_id=490\r\n \r\n The updated packages have been patched to correct this issue.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4531\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Linux 2009.0:\r\n d137c48f4e931440a7c0b8f15fcff4b8 2009.0/i586/libpcsclite1-1.4.102-1.2mdv2009.0.i586.rpm\r\n 25116e1db3bda3affb09d59b4adc6aef 2009.0/i586/libpcsclite-devel-1.4.102-1.2mdv2009.0.i586.rpm\r\n 302d0c768b5b610547f55a3781f14fa8 2009.0/i586/libpcsclite-static-devel-1.4.102-1.2mdv2009.0.i586.rpm\r\n d18ad9858c8995ca754138e0bd7a9bd8 2009.0/i586/pcsc-lite-1.4.102-1.2mdv2009.0.i586.rpm \r\n 92270b043c53d716e12eac331480ffe9 2009.0/SRPMS/pcsc-lite-1.4.102-1.2mdv2009.0.src.rpm\r\n\r\n Mandriva Linux 2009.0/X86_64:\r\n b8690a3cb9fe4cef11a2f7181f07c2bf 2009.0/x86_64/lib64pcsclite1-1.4.102-1.2mdv2009.0.x86_64.rpm\r\n 70a6ff7af784249e5f3dbec686c5c992 2009.0/x86_64/lib64pcsclite-devel-1.4.102-1.2mdv2009.0.x86_64.rpm\r\n 01141839cdc3d10e5df39d34cad4b1d0 \r\n2009.0/x86_64/lib64pcsclite-static-devel-1.4.102-1.2mdv2009.0.x86_64.rpm\r\n f49b21cb00dde2c767661f4e8512c9d2 2009.0/x86_64/pcsc-lite-1.4.102-1.2mdv2009.0.x86_64.rpm \r\n 92270b043c53d716e12eac331480ffe9 2009.0/SRPMS/pcsc-lite-1.4.102-1.2mdv2009.0.src.rpm\r\n\r\n Mandriva Linux 2010.0:\r\n e8542ceffedf0e3e10a75451fa7ac4cd 2010.0/i586/libpcsclite1-1.5.5-1.1mdv2010.0.i586.rpm\r\n 9909eecea315d85cc1a5f22680ccb55b 2010.0/i586/libpcsclite-devel-1.5.5-1.1mdv2010.0.i586.rpm\r\n 9d4e979b5245f8f03670571801bc1ee1 2010.0/i586/libpcsclite-static-devel-1.5.5-1.1mdv2010.0.i586.rpm\r\n 4293654f2187a51a09e16402665d40bf 2010.0/i586/pcsc-lite-1.5.5-1.1mdv2010.0.i586.rpm \r\n c3ea63013e5cdbc56ebdca3f8305379a 2010.0/SRPMS/pcsc-lite-1.5.5-1.1mdv2010.0.src.rpm\r\n\r\n Mandriva Linux 2010.0/X86_64:\r\n cafd52e2470853139baa1a4c92251d8d 2010.0/x86_64/lib64pcsclite1-1.5.5-1.1mdv2010.0.x86_64.rpm\r\n 7c27626ea5b0ca2bfcf6a6f44cecd432 2010.0/x86_64/lib64pcsclite-devel-1.5.5-1.1mdv2010.0.x86_64.rpm\r\n f9073247d0152fabc96b147c2b06ca4b \r\n2010.0/x86_64/lib64pcsclite-static-devel-1.5.5-1.1mdv2010.0.x86_64.rpm\r\n c6d768906fb0a1a6025d560f835faf32 2010.0/x86_64/pcsc-lite-1.5.5-1.1mdv2010.0.x86_64.rpm \r\n c3ea63013e5cdbc56ebdca3f8305379a 2010.0/SRPMS/pcsc-lite-1.5.5-1.1mdv2010.0.src.rpm\r\n\r\n Mandriva Linux 2010.1:\r\n b590e80c2a64596453c593ee70c5e8e1 2010.1/i586/libpcsclite1-1.5.5-2.1mdv2010.2.i586.rpm\r\n 35aedb0f443c5b96faf2cc3f0c9774d0 2010.1/i586/libpcsclite-devel-1.5.5-2.1mdv2010.2.i586.rpm\r\n 483ee37eb2ae95fe44649c449028efaa 2010.1/i586/libpcsclite-static-devel-1.5.5-2.1mdv2010.2.i586.rpm\r\n ed00d83148affe361345db65cd29c5db 2010.1/i586/pcsc-lite-1.5.5-2.1mdv2010.2.i586.rpm \r\n a53a46520d0b3f55a5672ae66db13a18 2010.1/SRPMS/pcsc-lite-1.5.5-2.1mdv2010.2.src.rpm\r\n\r\n Mandriva Linux 2010.1/X86_64:\r\n b05d60aa1b2fe29a60defe1b06a20a8e 2010.1/x86_64/lib64pcsclite1-1.5.5-2.1mdv2010.2.x86_64.rpm\r\n 910af804d47eb0667a420f51410a5d97 2010.1/x86_64/lib64pcsclite-devel-1.5.5-2.1mdv2010.2.x86_64.rpm\r\n 6a04a618d0f85e8b4bd0cd59336bd7b9 \r\n2010.1/x86_64/lib64pcsclite-static-devel-1.5.5-2.1mdv2010.2.x86_64.rpm\r\n d61120d304cd581e9529b12d68c67e1b 2010.1/x86_64/pcsc-lite-1.5.5-2.1mdv2010.2.x86_64.rpm \r\n a53a46520d0b3f55a5672ae66db13a18 2010.1/SRPMS/pcsc-lite-1.5.5-2.1mdv2010.2.src.rpm\r\n\r\n Corporate 4.0:\r\n d198bb12df9768650b8b023cf0682235 corporate/4.0/i586/libpcsclite1-1.3.0-2.2.20060mlcs4.i586.rpm\r\n e4ac5a2b593ef62fae4d2b27f504423c corporate/4.0/i586/libpcsclite1-devel-1.3.0-2.2.20060mlcs4.i586.rpm\r\n c4542e045341899a71b51e2790807be2 \r\ncorporate/4.0/i586/libpcsclite1-static-devel-1.3.0-2.2.20060mlcs4.i586.rpm\r\n 953f7cbed53e20c1e6141593ef682ce8 corporate/4.0/i586/pcsc-lite-1.3.0-2.2.20060mlcs4.i586.rpm \r\n 3c6765a9ebd8fd682f2894ded24252d5 corporate/4.0/SRPMS/pcsc-lite-1.3.0-2.2.20060mlcs4.src.rpm\r\n\r\n Corporate 4.0/X86_64:\r\n b614f7ed9446b338baa784ae5f52bd12 corporate/4.0/x86_64/lib64pcsclite1-1.3.0-2.2.20060mlcs4.x86_64.rpm\r\n d0ab4bd7bba3aa12d795ec14b5275255 \r\ncorporate/4.0/x86_64/lib64pcsclite1-devel-1.3.0-2.2.20060mlcs4.x86_64.rpm\r\n 04c4bc08d596259e4353c52d5e933070 \r\ncorporate/4.0/x86_64/lib64pcsclite1-static-devel-1.3.0-2.2.20060mlcs4.x86_64.rpm\r\n 6603ce736b8a876949d4d63a08d56e00 corporate/4.0/x86_64/pcsc-lite-1.3.0-2.2.20060mlcs4.x86_64.rpm \r\n 3c6765a9ebd8fd682f2894ded24252d5 corporate/4.0/SRPMS/pcsc-lite-1.3.0-2.2.20060mlcs4.src.rpm\r\n\r\n Mandriva Enterprise Server 5:\r\n 7ed0fa196d040622f207790461b52a43 mes5/i586/libpcsclite1-1.4.102-1.2mdvmes5.1.i586.rpm\r\n f879e7282ab9cc61e84ebd2597499f80 mes5/i586/libpcsclite-devel-1.4.102-1.2mdvmes5.1.i586.rpm\r\n 73554d61bc2ab9cb03a150f56a0d6350 mes5/i586/libpcsclite-static-devel-1.4.102-1.2mdvmes5.1.i586.rpm\r\n 06579ff154adcd565b9cab0f840754cd mes5/i586/pcsc-lite-1.4.102-1.2mdvmes5.1.i586.rpm \r\n 5cc332351f3350333e0e0f38b9a45771 mes5/SRPMS/pcsc-lite-1.4.102-1.2mdvmes5.1.src.rpm\r\n\r\n Mandriva Enterprise Server 5/X86_64:\r\n cfa52291779d9196a52d29010705d8d7 mes5/x86_64/lib64pcsclite1-1.4.102-1.2mdvmes5.1.x86_64.rpm\r\n 081a1250e01700a76a9a671a633b7c11 mes5/x86_64/lib64pcsclite-devel-1.4.102-1.2mdvmes5.1.x86_64.rpm\r\n 480be64c067ac9a4db1cf17fc83da674 \r\nmes5/x86_64/lib64pcsclite-static-devel-1.4.102-1.2mdvmes5.1.x86_64.rpm\r\n ddefa78d3c632d33aa5521192bcc53ca mes5/x86_64/pcsc-lite-1.4.102-1.2mdvmes5.1.x86_64.rpm \r\n 5cc332351f3350333e0e0f38b9a45771 mes5/SRPMS/pcsc-lite-1.4.102-1.2mdvmes5.1.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.9 (GNU/Linux)\r\n\r\niD4DBQFNOH7FmqjQ0CJFipgRAq9/AKCDh6iIaGpAJk79DRyL4F33leMQIwCVFQ46\r\nS0gtdmrSQ8PhtZNCI85Y1g==\r\n=yOk5\r\n-----END PGP SIGNATURE-----", "edition": 1, "modified": "2011-01-24T00:00:00", "published": "2011-01-24T00:00:00", "id": "SECURITYVULNS:DOC:25533", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:25533", "title": "[ MDVSA-2011:015 ] pcsc-lite", "type": "securityvulns", "cvss": {"score": 4.4, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:40", "bulletinFamily": "software", "cvelist": ["CVE-2010-4523", "CVE-2010-4530", "CVE-2010-4531"], "description": "Buffer overflow on oversized smart card serial number.", "edition": 1, "modified": "2011-01-24T00:00:00", "published": "2011-01-24T00:00:00", "id": "SECURITYVULNS:VULN:11364", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11364", "title": "OpenSC / PCSC-Lite library buffer overflow", "type": "securityvulns", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:34:16", "bulletinFamily": "unix", "cvelist": ["CVE-2010-4531"], "description": "[1.5.2-11]\n- fix overflow issue introduced in 1.5.2-5 and incorrectly corrected in\n 1.5.2-6\n[1.5.2-10]\n- CVE-2010-4531\n[1.5.2-9]\n- Bump version number so it doesn't get confused with z stream build.", "edition": 4, "modified": "2013-02-22T00:00:00", "published": "2013-02-22T00:00:00", "id": "ELSA-2013-0525", "href": "http://linux.oracle.com/errata/ELSA-2013-0525.html", "title": "pcsc-lite security and bug fix update", "type": "oraclelinux", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:07", "bulletinFamily": "unix", "cvelist": ["CVE-2010-4531"], "description": "### Background\n\nPCSC-Lite is a PC/SC Architecture smartcard middleware library.\n\n### Description\n\nPCSC-Lite contains a stack-based buffer overflow in the ATRDecodeAtr function in the Answer-to-Reset Handler (atrhandler.c). \n\n### Impact\n\nA physically proximate attacker could execute arbitrary code or cause a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll PCSC-Lite users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=sys-apps/pcsc-lite-1.6.6\"\n \n\nNOTE: This is a legacy GLSA. Updates for all affected architectures are available since January 10, 2011. It is likely that your system is already no longer affected by this issue.", "edition": 1, "modified": "2014-01-21T00:00:00", "published": "2014-01-21T00:00:00", "id": "GLSA-201401-17", "href": "https://security.gentoo.org/glsa/201401-17", "type": "gentoo", "title": "PCSC-Lite: Arbitrary code execution", "cvss": {"score": 4.4, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "fedora": [{"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2010-4531"], "description": "The purpose of PC/SC Lite is to provide a Windows(R) SCard interface in a very small form factor for communicating to smartcards and readers. PC/SC Lite uses the same winscard API as used under Windows(R). This package includes the PC/SC Lite daemon, a resource manager that coordinates communications with smart card readers and smart cards that are connected to the system, as well as other command line tools. ", "modified": "2011-01-13T23:38:23", "published": "2011-01-13T23:38:23", "id": "FEDORA:6BCDB110D8C", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 13 Update: pcsc-lite-1.5.5-5.fc13", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2010-4531"], "description": "The purpose of PC/SC Lite is to provide a Windows(R) SCard interface in a very small form factor for communicating to smartcards and readers. PC/SC Lite uses the same winscard API as used under Windows(R). This package includes the PC/SC Lite daemon, a resource manager that coordinates communications with smart card readers and smart cards that are connected to the system, as well as other command line tools. ", "modified": "2011-01-13T23:35:38", "published": "2011-01-13T23:35:38", "id": "FEDORA:9E7E9110A63", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 14 Update: pcsc-lite-1.6.4-3.fc14", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2021-01-06T09:28:33", "description": "Updated pcsc-lite packages that fix one security issue and three bugs\nare now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nPC/SC Lite provides a Windows SCard compatible interface for\ncommunicating with smart cards, smart card readers, and other security\ntokens.\n\nA stack-based buffer overflow flaw was found in the way pcsc-lite\ndecoded certain attribute values of Answer-to-Reset (ATR) messages. A\nlocal attacker could use this flaw to execute arbitrary code with the\nprivileges of the user running the pcscd daemon (root, by default), by\ninserting a specially crafted smart card. (CVE-2010-4531)\n\nThis update also fixes the following bugs :\n\n* Due to an error in the init script, the chkconfig utility did not\nautomatically place the pcscd init script after the start of the HAL\ndaemon. Consequently, the pcscd service did not start automatically at\nboot time. With this update, the pcscd init script has been changed to\nexplicitly start only after HAL is up, thus fixing this bug.\n(BZ#788474, BZ#814549)\n\n* Because the chkconfig settings and the startup files in the\n/etc/rc.d/ directory were not changed during the update described in\nthe RHBA-2012:0990 advisory, the user had to update the chkconfig\nsettings manually to fix the problem. Now, the chkconfig settings and\nthe startup files in the /etc/rc.d/ directory are automatically\nupdated as expected. (BZ#834803)\n\n* Previously, the SCardGetAttrib() function did not work properly and\nalways returned the 'SCARD_E_INSUFFICIENT_BUFFER' error regardless of\nthe actual buffer size. This update applies a patch to fix this bug\nand the SCardGetAttrib() function now works as expected. (BZ#891852)\n\nAll users of pcsc-lite are advised to upgrade to these updated\npackages, which fix these issues. After installing this update, the\npcscd daemon will be restarted automatically.", "edition": 25, "published": "2013-03-10T00:00:00", "title": "CentOS 6 : pcsc-lite (CESA-2013:0525)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4531"], "modified": "2013-03-10T00:00:00", "cpe": ["cpe:/o:centos:centos:6", "p-cpe:/a:centos:centos:pcsc-lite-doc", "p-cpe:/a:centos:centos:pcsc-lite-libs", "p-cpe:/a:centos:centos:pcsc-lite", "p-cpe:/a:centos:centos:pcsc-lite-devel"], "id": "CENTOS_RHSA-2013-0525.NASL", "href": "https://www.tenable.com/plugins/nessus/65155", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0525 and \n# CentOS Errata and Security Advisory 2013:0525 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65155);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2010-4531\");\n script_bugtraq_id(45450);\n script_xref(name:\"RHSA\", value:\"2013:0525\");\n\n script_name(english:\"CentOS 6 : pcsc-lite (CESA-2013:0525)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated pcsc-lite packages that fix one security issue and three bugs\nare now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nPC/SC Lite provides a Windows SCard compatible interface for\ncommunicating with smart cards, smart card readers, and other security\ntokens.\n\nA stack-based buffer overflow flaw was found in the way pcsc-lite\ndecoded certain attribute values of Answer-to-Reset (ATR) messages. A\nlocal attacker could use this flaw to execute arbitrary code with the\nprivileges of the user running the pcscd daemon (root, by default), by\ninserting a specially crafted smart card. (CVE-2010-4531)\n\nThis update also fixes the following bugs :\n\n* Due to an error in the init script, the chkconfig utility did not\nautomatically place the pcscd init script after the start of the HAL\ndaemon. Consequently, the pcscd service did not start automatically at\nboot time. With this update, the pcscd init script has been changed to\nexplicitly start only after HAL is up, thus fixing this bug.\n(BZ#788474, BZ#814549)\n\n* Because the chkconfig settings and the startup files in the\n/etc/rc.d/ directory were not changed during the update described in\nthe RHBA-2012:0990 advisory, the user had to update the chkconfig\nsettings manually to fix the problem. Now, the chkconfig settings and\nthe startup files in the /etc/rc.d/ directory are automatically\nupdated as expected. (BZ#834803)\n\n* Previously, the SCardGetAttrib() function did not work properly and\nalways returned the 'SCARD_E_INSUFFICIENT_BUFFER' error regardless of\nthe actual buffer size. This update applies a patch to fix this bug\nand the SCardGetAttrib() function now works as expected. (BZ#891852)\n\nAll users of pcsc-lite are advised to upgrade to these updated\npackages, which fix these issues. After installing this update, the\npcscd daemon will be restarted automatically.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2013-March/019466.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2620bfa3\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2013-February/000657.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f07f9079\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected pcsc-lite packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2010-4531\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:pcsc-lite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:pcsc-lite-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:pcsc-lite-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:pcsc-lite-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/01/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"pcsc-lite-1.5.2-11.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"pcsc-lite-devel-1.5.2-11.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"pcsc-lite-doc-1.5.2-11.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"pcsc-lite-libs-1.5.2-11.el6\")) flag++;\n\n\nif (flag)\n{\n cr_plugin_caveat = '\\n' +\n 'NOTE: The security advisory associated with this vulnerability has a\\n' +\n 'fixed package version that may only be available in the continuous\\n' +\n 'release (CR) repository for CentOS, until it is present in the next\\n' +\n 'point release of CentOS.\\n\\n' +\n\n 'If an equal or higher package level does not exist in the baseline\\n' +\n 'repository for your major version of CentOS, then updates from the CR\\n' +\n 'repository will need to be applied in order to address the\\n' +\n 'vulnerability.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + cr_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pcsc-lite / pcsc-lite-devel / pcsc-lite-doc / pcsc-lite-libs\");\n}\n", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:08:56", "description": "This update fixes the following security issue :\n\nA stack-based buffer overflow flaw was found in the way PC/SC Lite\nsmart card framework decoded certain attribute values of the\nAnswer-to-Reset (ATR) message, received back from the card after\nconnecting. A local attacker could use this flaw to execute arbitrary\ncode with the privileges of the user running the pcscd daemon, via a\nmalicious smart card inserted to the system USB port.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 23, "published": "2011-01-14T00:00:00", "title": "Fedora 13 : pcsc-lite-1.5.5-5.fc13 (2011-0123)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4531"], "modified": "2011-01-14T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:13", "p-cpe:/a:fedoraproject:fedora:pcsc-lite"], "id": "FEDORA_2011-0123.NASL", "href": "https://www.tenable.com/plugins/nessus/51514", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-0123.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51514);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-4531\");\n script_xref(name:\"FEDORA\", value:\"2011-0123\");\n\n script_name(english:\"Fedora 13 : pcsc-lite-1.5.5-5.fc13 (2011-0123)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the following security issue :\n\nA stack-based buffer overflow flaw was found in the way PC/SC Lite\nsmart card framework decoded certain attribute values of the\nAnswer-to-Reset (ATR) message, received back from the card after\nconnecting. A local attacker could use this flaw to execute arbitrary\ncode with the privileges of the user running the pcscd daemon, via a\nmalicious smart card inserted to the system USB port.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=664999\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-January/053095.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9963e4d9\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected pcsc-lite package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:pcsc-lite\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:13\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/01/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/01/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^13([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 13.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC13\", reference:\"pcsc-lite-1.5.5-5.fc13\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pcsc-lite\");\n}\n", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T13:12:04", "description": "Updated pcsc-lite packages that fix one security issue and three bugs\nare now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nPC/SC Lite provides a Windows SCard compatible interface for\ncommunicating with smart cards, smart card readers, and other security\ntokens.\n\nA stack-based buffer overflow flaw was found in the way pcsc-lite\ndecoded certain attribute values of Answer-to-Reset (ATR) messages. A\nlocal attacker could use this flaw to execute arbitrary code with the\nprivileges of the user running the pcscd daemon (root, by default), by\ninserting a specially crafted smart card. (CVE-2010-4531)\n\nThis update also fixes the following bugs :\n\n* Due to an error in the init script, the chkconfig utility did not\nautomatically place the pcscd init script after the start of the HAL\ndaemon. Consequently, the pcscd service did not start automatically at\nboot time. With this update, the pcscd init script has been changed to\nexplicitly start only after HAL is up, thus fixing this bug.\n(BZ#788474, BZ#814549)\n\n* Because the chkconfig settings and the startup files in the\n/etc/rc.d/ directory were not changed during the update described in\nthe RHBA-2012:0990 advisory, the user had to update the chkconfig\nsettings manually to fix the problem. Now, the chkconfig settings and\nthe startup files in the /etc/rc.d/ directory are automatically\nupdated as expected. (BZ#834803)\n\n* Previously, the SCardGetAttrib() function did not work properly and\nalways returned the 'SCARD_E_INSUFFICIENT_BUFFER' error regardless of\nthe actual buffer size. This update applies a patch to fix this bug\nand the SCardGetAttrib() function now works as expected. (BZ#891852)\n\nAll users of pcsc-lite are advised to upgrade to these updated\npackages, which fix these issues. After installing this update, the\npcscd daemon will be restarted automatically.", "edition": 25, "published": "2013-02-21T00:00:00", "title": "RHEL 6 : pcsc-lite (RHSA-2013:0525)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4531"], "modified": "2013-02-21T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:pcsc-lite-devel", "p-cpe:/a:redhat:enterprise_linux:pcsc-lite", "p-cpe:/a:redhat:enterprise_linux:pcsc-lite-libs", "p-cpe:/a:redhat:enterprise_linux:pcsc-lite-debuginfo", "cpe:/o:redhat:enterprise_linux:6", "p-cpe:/a:redhat:enterprise_linux:pcsc-lite-doc"], "id": "REDHAT-RHSA-2013-0525.NASL", "href": "https://www.tenable.com/plugins/nessus/64771", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0525. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64771);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-4531\");\n script_xref(name:\"RHSA\", value:\"2013:0525\");\n\n script_name(english:\"RHEL 6 : pcsc-lite (RHSA-2013:0525)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated pcsc-lite packages that fix one security issue and three bugs\nare now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nPC/SC Lite provides a Windows SCard compatible interface for\ncommunicating with smart cards, smart card readers, and other security\ntokens.\n\nA stack-based buffer overflow flaw was found in the way pcsc-lite\ndecoded certain attribute values of Answer-to-Reset (ATR) messages. A\nlocal attacker could use this flaw to execute arbitrary code with the\nprivileges of the user running the pcscd daemon (root, by default), by\ninserting a specially crafted smart card. (CVE-2010-4531)\n\nThis update also fixes the following bugs :\n\n* Due to an error in the init script, the chkconfig utility did not\nautomatically place the pcscd init script after the start of the HAL\ndaemon. Consequently, the pcscd service did not start automatically at\nboot time. With this update, the pcscd init script has been changed to\nexplicitly start only after HAL is up, thus fixing this bug.\n(BZ#788474, BZ#814549)\n\n* Because the chkconfig settings and the startup files in the\n/etc/rc.d/ directory were not changed during the update described in\nthe RHBA-2012:0990 advisory, the user had to update the chkconfig\nsettings manually to fix the problem. Now, the chkconfig settings and\nthe startup files in the /etc/rc.d/ directory are automatically\nupdated as expected. (BZ#834803)\n\n* Previously, the SCardGetAttrib() function did not work properly and\nalways returned the 'SCARD_E_INSUFFICIENT_BUFFER' error regardless of\nthe actual buffer size. This update applies a patch to fix this bug\nand the SCardGetAttrib() function now works as expected. (BZ#891852)\n\nAll users of pcsc-lite are advised to upgrade to these updated\npackages, which fix these issues. After installing this update, the\npcscd daemon will be restarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2013:0525\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-4531\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pcsc-lite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pcsc-lite-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pcsc-lite-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pcsc-lite-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pcsc-lite-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/01/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2013:0525\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"pcsc-lite-1.5.2-11.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"pcsc-lite-1.5.2-11.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"pcsc-lite-1.5.2-11.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"pcsc-lite-debuginfo-1.5.2-11.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"pcsc-lite-devel-1.5.2-11.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"pcsc-lite-doc-1.5.2-11.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"pcsc-lite-doc-1.5.2-11.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"pcsc-lite-doc-1.5.2-11.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"pcsc-lite-libs-1.5.2-11.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pcsc-lite / pcsc-lite-debuginfo / pcsc-lite-devel / pcsc-lite-doc / etc\");\n }\n}\n", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T12:47:47", "description": "From Red Hat Security Advisory 2013:0525 :\n\nUpdated pcsc-lite packages that fix one security issue and three bugs\nare now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nPC/SC Lite provides a Windows SCard compatible interface for\ncommunicating with smart cards, smart card readers, and other security\ntokens.\n\nA stack-based buffer overflow flaw was found in the way pcsc-lite\ndecoded certain attribute values of Answer-to-Reset (ATR) messages. A\nlocal attacker could use this flaw to execute arbitrary code with the\nprivileges of the user running the pcscd daemon (root, by default), by\ninserting a specially crafted smart card. (CVE-2010-4531)\n\nThis update also fixes the following bugs :\n\n* Due to an error in the init script, the chkconfig utility did not\nautomatically place the pcscd init script after the start of the HAL\ndaemon. Consequently, the pcscd service did not start automatically at\nboot time. With this update, the pcscd init script has been changed to\nexplicitly start only after HAL is up, thus fixing this bug.\n(BZ#788474, BZ#814549)\n\n* Because the chkconfig settings and the startup files in the\n/etc/rc.d/ directory were not changed during the update described in\nthe RHBA-2012:0990 advisory, the user had to update the chkconfig\nsettings manually to fix the problem. Now, the chkconfig settings and\nthe startup files in the /etc/rc.d/ directory are automatically\nupdated as expected. (BZ#834803)\n\n* Previously, the SCardGetAttrib() function did not work properly and\nalways returned the 'SCARD_E_INSUFFICIENT_BUFFER' error regardless of\nthe actual buffer size. This update applies a patch to fix this bug\nand the SCardGetAttrib() function now works as expected. (BZ#891852)\n\nAll users of pcsc-lite are advised to upgrade to these updated\npackages, which fix these issues. After installing this update, the\npcscd daemon will be restarted automatically.", "edition": 22, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 6 : pcsc-lite (ELSA-2013-0525)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4531"], "modified": "2013-07-12T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:pcsc-lite-doc", "p-cpe:/a:oracle:linux:pcsc-lite-libs", "p-cpe:/a:oracle:linux:pcsc-lite", "p-cpe:/a:oracle:linux:pcsc-lite-devel"], "id": "ORACLELINUX_ELSA-2013-0525.NASL", "href": "https://www.tenable.com/plugins/nessus/68760", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2013:0525 and \n# Oracle Linux Security Advisory ELSA-2013-0525 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68760);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-4531\");\n script_bugtraq_id(45450);\n script_xref(name:\"RHSA\", value:\"2013:0525\");\n\n script_name(english:\"Oracle Linux 6 : pcsc-lite (ELSA-2013-0525)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2013:0525 :\n\nUpdated pcsc-lite packages that fix one security issue and three bugs\nare now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nPC/SC Lite provides a Windows SCard compatible interface for\ncommunicating with smart cards, smart card readers, and other security\ntokens.\n\nA stack-based buffer overflow flaw was found in the way pcsc-lite\ndecoded certain attribute values of Answer-to-Reset (ATR) messages. A\nlocal attacker could use this flaw to execute arbitrary code with the\nprivileges of the user running the pcscd daemon (root, by default), by\ninserting a specially crafted smart card. (CVE-2010-4531)\n\nThis update also fixes the following bugs :\n\n* Due to an error in the init script, the chkconfig utility did not\nautomatically place the pcscd init script after the start of the HAL\ndaemon. Consequently, the pcscd service did not start automatically at\nboot time. With this update, the pcscd init script has been changed to\nexplicitly start only after HAL is up, thus fixing this bug.\n(BZ#788474, BZ#814549)\n\n* Because the chkconfig settings and the startup files in the\n/etc/rc.d/ directory were not changed during the update described in\nthe RHBA-2012:0990 advisory, the user had to update the chkconfig\nsettings manually to fix the problem. Now, the chkconfig settings and\nthe startup files in the /etc/rc.d/ directory are automatically\nupdated as expected. (BZ#834803)\n\n* Previously, the SCardGetAttrib() function did not work properly and\nalways returned the 'SCARD_E_INSUFFICIENT_BUFFER' error regardless of\nthe actual buffer size. This update applies a patch to fix this bug\nand the SCardGetAttrib() function now works as expected. (BZ#891852)\n\nAll users of pcsc-lite are advised to upgrade to these updated\npackages, which fix these issues. After installing this update, the\npcscd daemon will be restarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2013-February/003285.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected pcsc-lite packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:pcsc-lite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:pcsc-lite-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:pcsc-lite-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:pcsc-lite-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/01/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"pcsc-lite-1.5.2-11.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"pcsc-lite-devel-1.5.2-11.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"pcsc-lite-doc-1.5.2-11.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"pcsc-lite-libs-1.5.2-11.el6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pcsc-lite / pcsc-lite-devel / pcsc-lite-doc / pcsc-lite-libs\");\n}\n", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T10:55:26", "description": "The remote host is affected by the vulnerability described in GLSA-201401-17\n(PCSC-Lite: Arbitrary code execution)\n\n PCSC-Lite contains a stack-based buffer overflow in the ATRDecodeAtr\n function in the\n Answer-to-Reset Handler (atrhandler.c).\n \nImpact :\n\n A physically proximate attacker could execute arbitrary code or cause a\n Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 21, "published": "2014-01-22T00:00:00", "title": "GLSA-201401-17 : PCSC-Lite: Arbitrary code execution", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4531"], "modified": "2014-01-22T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:pcsc-lite"], "id": "GENTOO_GLSA-201401-17.NASL", "href": "https://www.tenable.com/plugins/nessus/72072", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201401-17.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(72072);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2010-4531\");\n script_bugtraq_id(45450);\n script_xref(name:\"GLSA\", value:\"201401-17\");\n\n script_name(english:\"GLSA-201401-17 : PCSC-Lite: Arbitrary code execution\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201401-17\n(PCSC-Lite: Arbitrary code execution)\n\n PCSC-Lite contains a stack-based buffer overflow in the ATRDecodeAtr\n function in the\n Answer-to-Reset Handler (atrhandler.c).\n \nImpact :\n\n A physically proximate attacker could execute arbitrary code or cause a\n Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201401-17\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All PCSC-Lite users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=sys-apps/pcsc-lite-1.6.6'\n NOTE: This is a legacy GLSA. Updates for all affected architectures are\n available since January 10, 2011. It is likely that your system is\n already no longer affected by this issue.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:pcsc-lite\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/01/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/01/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"sys-apps/pcsc-lite\", unaffected:make_list(\"ge 1.6.6\"), vulnerable:make_list(\"lt 1.6.6\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"PCSC-Lite\");\n}\n", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T13:47:26", "description": "A stack-based buffer overflow flaw was found in the way pcsc-lite\ndecoded certain attribute values of Answer-to-Reset (ATR) messages. A\nlocal attacker could use this flaw to execute arbitrary code with the\nprivileges of the user running the pcscd daemon (root, by default), by\ninserting a specially crafted smart card. (CVE-2010-4531)\n\nThis update also fixes the following bugs :\n\n - Due to an error in the init script, the chkconfig\n utility did not automatically place the pcscd init\n script after the start of the HAL daemon. Consequently,\n the pcscd service did not start automatically at boot\n time. With this update, the pcscd init script has been\n changed to explicitly start only after HAL is up, thus\n fixing this bug.\n\n - Because the chkconfig settings and the startup files in\n the /etc/rc.d/ directory were not changed during the\n update described in the SLBA-2012:0990 advisory, the\n user had to update the chkconfig settings manually to\n fix the problem. Now, the chkconfig settings and the\n startup files in the /etc/rc.d/ directory are\n automatically updated as expected.\n\n - Previously, the SCardGetAttrib() function did not work\n properly and always returned the\n 'SCARD_E_INSUFFICIENT_BUFFER' error regardless of the\n actual buffer size. This update applies a patch to fix\n this bug and the SCardGetAttrib() function now works as\n expected.\n\nAfter installing this update, the pcscd daemon will be restarted\nautomatically.", "edition": 16, "published": "2013-03-01T00:00:00", "title": "Scientific Linux Security Update : pcsc-lite on SL6.x i386/x86_64 (20130221)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4531"], "modified": "2013-03-01T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:pcsc-lite-devel", "p-cpe:/a:fermilab:scientific_linux:pcsc-lite-debuginfo", "p-cpe:/a:fermilab:scientific_linux:pcsc-lite-doc", "p-cpe:/a:fermilab:scientific_linux:pcsc-lite", "p-cpe:/a:fermilab:scientific_linux:pcsc-lite-libs", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20130221_PCSC_LITE_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/64956", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64956);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-4531\");\n\n script_name(english:\"Scientific Linux Security Update : pcsc-lite on SL6.x i386/x86_64 (20130221)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A stack-based buffer overflow flaw was found in the way pcsc-lite\ndecoded certain attribute values of Answer-to-Reset (ATR) messages. A\nlocal attacker could use this flaw to execute arbitrary code with the\nprivileges of the user running the pcscd daemon (root, by default), by\ninserting a specially crafted smart card. (CVE-2010-4531)\n\nThis update also fixes the following bugs :\n\n - Due to an error in the init script, the chkconfig\n utility did not automatically place the pcscd init\n script after the start of the HAL daemon. Consequently,\n the pcscd service did not start automatically at boot\n time. With this update, the pcscd init script has been\n changed to explicitly start only after HAL is up, thus\n fixing this bug.\n\n - Because the chkconfig settings and the startup files in\n the /etc/rc.d/ directory were not changed during the\n update described in the SLBA-2012:0990 advisory, the\n user had to update the chkconfig settings manually to\n fix the problem. Now, the chkconfig settings and the\n startup files in the /etc/rc.d/ directory are\n automatically updated as expected.\n\n - Previously, the SCardGetAttrib() function did not work\n properly and always returned the\n 'SCARD_E_INSUFFICIENT_BUFFER' error regardless of the\n actual buffer size. This update applies a patch to fix\n this bug and the SCardGetAttrib() function now works as\n expected.\n\nAfter installing this update, the pcscd daemon will be restarted\nautomatically.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1302&L=scientific-linux-errata&T=0&P=5528\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d1d5cc08\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:pcsc-lite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:pcsc-lite-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:pcsc-lite-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:pcsc-lite-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:pcsc-lite-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/01/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"pcsc-lite-1.5.2-11.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"pcsc-lite-debuginfo-1.5.2-11.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"pcsc-lite-devel-1.5.2-11.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"pcsc-lite-doc-1.5.2-11.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"pcsc-lite-libs-1.5.2-11.el6\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pcsc-lite / pcsc-lite-debuginfo / pcsc-lite-devel / pcsc-lite-doc / etc\");\n}\n", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T11:53:04", "description": "A vulnerability has been found and corrected in pcsc-lite :\n\nStack-based buffer overflow in the ATRDecodeAtr function in the\nAnswer-to-Reset (ATR) Handler (atrhandler.c) for pcscd in PCSC-Lite\n1.5.3, and possibly other 1.5.x and 1.6.x versions, allows physically\nproximate attackers to cause a denial of service (crash) and possibly\nexecute arbitrary code via a smart card with an ATR message containing\na long attribute value (CVE-2010-4531).\n\nPackages for 2009.0 are provided as of the Extended Maintenance\nProgram. Please visit this link to learn more:\nhttp://store.mandriva.com/product_info.php?cPath=149 products_id=490\n\nThe updated packages have been patched to correct this issue.", "edition": 24, "published": "2011-01-28T00:00:00", "title": "Mandriva Linux Security Advisory : pcsc-lite (MDVSA-2011:015)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4531"], "modified": "2011-01-28T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:pcsc-lite", "cpe:/o:mandriva:linux:2009.0", "p-cpe:/a:mandriva:linux:lib64pcsclite1", "p-cpe:/a:mandriva:linux:lib64pcsclite-devel", "p-cpe:/a:mandriva:linux:libpcsclite-static-devel", "cpe:/o:mandriva:linux:2010.1", "p-cpe:/a:mandriva:linux:lib64pcsclite-static-devel", "cpe:/o:mandriva:linux:2010.0", "p-cpe:/a:mandriva:linux:libpcsclite1", "p-cpe:/a:mandriva:linux:libpcsclite-devel"], "id": "MANDRIVA_MDVSA-2011-015.NASL", "href": "https://www.tenable.com/plugins/nessus/51806", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2011:015. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51806);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2010-4531\");\n script_bugtraq_id(45450);\n script_xref(name:\"MDVSA\", value:\"2011:015\");\n\n script_name(english:\"Mandriva Linux Security Advisory : pcsc-lite (MDVSA-2011:015)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability has been found and corrected in pcsc-lite :\n\nStack-based buffer overflow in the ATRDecodeAtr function in the\nAnswer-to-Reset (ATR) Handler (atrhandler.c) for pcscd in PCSC-Lite\n1.5.3, and possibly other 1.5.x and 1.6.x versions, allows physically\nproximate attackers to cause a denial of service (crash) and possibly\nexecute arbitrary code via a smart card with an ATR message containing\na long attribute value (CVE-2010-4531).\n\nPackages for 2009.0 are provided as of the Extended Maintenance\nProgram. Please visit this link to learn more:\nhttp://store.mandriva.com/product_info.php?cPath=149 products_id=490\n\nThe updated packages have been patched to correct this issue.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64pcsclite-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64pcsclite-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64pcsclite1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpcsclite-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpcsclite-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpcsclite1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:pcsc-lite\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/01/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/01/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64pcsclite-devel-1.4.102-1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64pcsclite-static-devel-1.4.102-1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64pcsclite1-1.4.102-1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libpcsclite-devel-1.4.102-1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libpcsclite-static-devel-1.4.102-1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libpcsclite1-1.4.102-1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"pcsc-lite-1.4.102-1.2mdv2009.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2010.0\", cpu:\"x86_64\", reference:\"lib64pcsclite-devel-1.5.5-1.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"x86_64\", reference:\"lib64pcsclite-static-devel-1.5.5-1.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"x86_64\", reference:\"lib64pcsclite1-1.5.5-1.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"libpcsclite-devel-1.5.5-1.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"libpcsclite-static-devel-1.5.5-1.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"libpcsclite1-1.5.5-1.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"pcsc-lite-1.5.5-1.1mdv2010.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64pcsclite-devel-1.5.5-2.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64pcsclite-static-devel-1.5.5-2.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64pcsclite1-1.5.5-2.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libpcsclite-devel-1.5.5-2.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libpcsclite-static-devel-1.5.5-2.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libpcsclite1-1.5.5-2.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"pcsc-lite-1.5.5-2.1mdv2010.2\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-06T09:46:15", "description": "MWR InfoSecurity identified a buffer overflow in pcscd, middleware to\naccess a smart card via PC/SC, which could lead to the execution of\narbitrary code.", "edition": 16, "published": "2011-02-01T00:00:00", "title": "Debian DSA-2156-1 : pcscd - buffer overflow", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4531"], "modified": "2011-02-01T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:pcscd", "cpe:/o:debian:debian_linux:5.0"], "id": "DEBIAN_DSA-2156.NASL", "href": "https://www.tenable.com/plugins/nessus/51829", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2156. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51829);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2010-4531\");\n script_bugtraq_id(45450);\n script_xref(name:\"DSA\", value:\"2156\");\n\n script_name(english:\"Debian DSA-2156-1 : pcscd - buffer overflow\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"MWR InfoSecurity identified a buffer overflow in pcscd, middleware to\naccess a smart card via PC/SC, which could lead to the execution of\narbitrary code.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2011/dsa-2156\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the pcscd packages.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 1.4.102-1+lenny4.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:pcscd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/01/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/02/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"pcscd\", reference:\"1.4.102-1+lenny4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-01T06:34:59", "description": "Rafael Dominguez Vega discovered that PCSC-Lite incorrectly handled\nsmart cards with malformed ATR messages. An attacker having physical\naccess could exploit this with a special smart card and cause a denial\nof service or execute arbitrary code.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2011-06-13T00:00:00", "title": "Ubuntu 9.10 / 10.04 LTS / 10.10 : pcsc-lite vulnerability (USN-1125-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4531"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libpcsclite1", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:10.10", "cpe:/o:canonical:ubuntu_linux:9.10"], "id": "UBUNTU_USN-1125-1.NASL", "href": "https://www.tenable.com/plugins/nessus/55085", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1125-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(55085);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/09/19 12:54:27\");\n\n script_cve_id(\"CVE-2010-4531\");\n script_bugtraq_id(45450);\n script_xref(name:\"USN\", value:\"1125-1\");\n\n script_name(english:\"Ubuntu 9.10 / 10.04 LTS / 10.10 : pcsc-lite vulnerability (USN-1125-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Rafael Dominguez Vega discovered that PCSC-Lite incorrectly handled\nsmart cards with malformed ATR messages. An attacker having physical\naccess could exploit this with a special smart card and cause a denial\nof service or execute arbitrary code.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1125-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libpcsclite1 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libpcsclite1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/01/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/04/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/06/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(9\\.10|10\\.04|10\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 9.10 / 10.04 / 10.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libpcsclite1\", pkgver:\"1.5.3-1ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libpcsclite1\", pkgver:\"1.5.3-1ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"libpcsclite1\", pkgver:\"1.5.5-3ubuntu2.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libpcsclite1\");\n}\n", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:08:57", "description": "This update fixes the following security issue :\n\nA stack-based buffer overflow flaw was found in the way PC/SC Lite\nsmart card framework decoded certain attribute values of the\nAnswer-to-Reset (ATR) message, received back from the card after\nconnecting. A local attacker could use this flaw to execute arbitrary\ncode with the privileges of the user running the pcscd daemon, via a\nmalicious smart card inserted to the system USB port.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 23, "published": "2011-01-14T00:00:00", "title": "Fedora 14 : pcsc-lite-1.6.4-3.fc14 (2011-0164)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4531"], "modified": "2011-01-14T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:14", "p-cpe:/a:fedoraproject:fedora:pcsc-lite"], "id": "FEDORA_2011-0164.NASL", "href": "https://www.tenable.com/plugins/nessus/51518", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-0164.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51518);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-4531\");\n script_xref(name:\"FEDORA\", value:\"2011-0164\");\n\n script_name(english:\"Fedora 14 : pcsc-lite-1.6.4-3.fc14 (2011-0164)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the following security issue :\n\nA stack-based buffer overflow flaw was found in the way PC/SC Lite\nsmart card framework decoded certain attribute values of the\nAnswer-to-Reset (ATR) message, received back from the card after\nconnecting. A local attacker could use this flaw to execute arbitrary\ncode with the privileges of the user running the pcscd daemon, via a\nmalicious smart card inserted to the system USB port.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=664999\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-January/053079.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?90189d9c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected pcsc-lite package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:pcsc-lite\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:14\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/01/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/01/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^14([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 14.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC14\", reference:\"pcsc-lite-1.6.4-3.fc14\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pcsc-lite\");\n}\n", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2019-08-13T18:46:12", "bulletinFamily": "unix", "cvelist": ["CVE-2010-4531"], "description": "PC/SC Lite provides a Windows SCard compatible interface for communicating\nwith smart cards, smart card readers, and other security tokens.\n\nA stack-based buffer overflow flaw was found in the way pcsc-lite decoded\ncertain attribute values of Answer-to-Reset (ATR) messages. A local\nattacker could use this flaw to execute arbitrary code with the privileges\nof the user running the pcscd daemon (root, by default), by inserting a\nspecially-crafted smart card. (CVE-2010-4531)\n\nThis update also fixes the following bugs:\n\n* Due to an error in the init script, the chkconfig utility did not\nautomatically place the pcscd init script after the start of the HAL\ndaemon. Consequently, the pcscd service did not start automatically at boot\ntime. With this update, the pcscd init script has been changed to\nexplicitly start only after HAL is up, thus fixing this bug. (BZ#788474,\nBZ#814549)\n\n* Because the chkconfig settings and the startup files in the /etc/rc.d/\ndirectory were not changed during the update described in the\nRHBA-2012:0990 advisory, the user had to update the chkconfig settings\nmanually to fix the problem. Now, the chkconfig settings and the startup\nfiles in the /etc/rc.d/ directory are automatically updated as expected.\n(BZ#834803)\n\n* Previously, the SCardGetAttrib() function did not work properly and\nalways returned the \"SCARD_E_INSUFFICIENT_BUFFER\" error regardless of the\nactual buffer size. This update applies a patch to fix this bug and the\nSCardGetAttrib() function now works as expected. (BZ#891852)\n\nAll users of pcsc-lite are advised to upgrade to these updated packages,\nwhich fix these issues. After installing this update, the pcscd daemon will\nbe restarted automatically.\n", "modified": "2018-06-06T20:24:17", "published": "2013-02-21T05:00:00", "id": "RHSA-2013:0525", "href": "https://access.redhat.com/errata/RHSA-2013:0525", "type": "redhat", "title": "(RHSA-2013:0525) Moderate: pcsc-lite security and bug fix update", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}]}
