1453 matches found
Gentoo Security Advisory GLSA 200812-09 (opensc)
The remote host is missing updates announced in advisory GLSA 200812-09. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
GLSA-200812-09 : OpenSC: Insufficient protection of smart card PIN
The remote host is affected by the vulnerability described in GLSA-200812-09 OpenSC: Insufficient protection of smart card PIN Chaskiel M Grundman reported that OpenSC uses weak permissions ADMIN file control information of 00 for the 5015 directory on smart cards and USB crypto tokens running...
OpenSC: Insufficient protection of smart card PIN
Background OpenSC is a smart card application that allows reading and writing via PKCS11. Description Chaskiel M Grundman reported that OpenSC uses weak permissions ADMIN file control information of 00 for the 5015 directory on smart cards and USB crypto tokens running Siemens CardOS M4. Impact A...
openSUSE 10 Security Update : libopensc2 (libopensc2-5587)
This update fixes a security issues with opensc that occured when initializing blank smart cards with Siemens CardOS M4. After the initialization anyone could set the PIN of the smart card without authorization CVE-2008-2235. NOTE: Already initialized cards are still vulnerable after this update...
SuSE 10 Security Update : opensc, opensc-devel (ZYPP Patch Number 5588)
This update fixes a security issues with opensc that occured when initializing blank smart cards with Siemens CardOS M4. After the initialization anyone could set the PIN of the smart card without authorization. CVE-2008-2235 NOTE: Already initialized cards are still vulnerable after this update...
Debian Security Advisory DSA 1627-2 (opensc)
The remote host is missing an update to opensc announced via advisory DSA 1627-2. OpenVAS Vulnerability Test $Id: deb16272.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1627-2 opensc Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
Debian: Security Advisory (DSA-1627-2)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
DEBIAN-CVE-2008-3972
pkcs15-tool in OpenSC before 0.11.6 does not apply security updates to a smart card unless the card's label matches the "OpenSC" string, which might allow physically proximate attackers to exploit vulnerabilities that the card owner expected were patched, as demonstrated by exploitation of...
CVE-2008-3972
pkcs15-tool in OpenSC before 0.11.6 does not apply security updates to a smart card unless the card's label matches the "OpenSC" string, which might allow physically proximate attackers to exploit vulnerabilities that the card owner expected were patched, as demonstrated by exploitation of...
CVE-2008-3972
pkcs15-tool in OpenSC before 0.11.6 does not apply security updates to a smart card unless the card's label matches the "OpenSC" string, which might allow physically proximate attackers to exploit vulnerabilities that the card owner expected were patched, as demonstrated by exploitation of...
Design/Logic Flaw
pkcs15-tool in OpenSC before 0.11.6 does not apply security updates to a smart card unless the card's label matches the "OpenSC" string, which might allow physically proximate attackers to exploit vulnerabilities that the card owner expected were patched, as demonstrated by exploitation of...
CVE-2008-3972
pkcs15-tool in OpenSC before 0.11.6 does not apply security updates to a smart card unless the card's label matches the "OpenSC" string, which might allow physically proximate attackers to exploit vulnerabilities that the card owner expected were patched, as demonstrated by exploitation of...
CVE-2008-3972
pkcs15-tool in OpenSC before 0.11.6 does not apply security updates to a smart card unless the card's label matches the "OpenSC" string, which might allow physically proximate attackers to exploit vulnerabilities that the card owner expected were patched, as demonstrated by exploitation of...
CVE-2008-3972
CVE-2008-3972 relates to OpenSC prior to 0.11.6 where security updates to a smart card are not applied unless the card label matches “OpenSC”; this can allow physically proximate attackers to bypass patched vulnerabilities (as linked to CVE-2008-2235). Connected OpenVAS entries show SLES9/SLES10 ...
CVE-2008-3972
pkcs15-tool in OpenSC before 0.11.6 does not apply security updates to a smart card unless the card's label matches the "OpenSC" string, which might allow physically proximate attackers to exploit vulnerabilities that the card owner expected were patched, as demonstrated by exploitation of...
SuSE 10 Security Update : opensc (ZYPP Patch Number 5493)
This update fix a security issues with opensc that occurs during initializing blank smart cards with Siemens CardOS M4. It allows to set the PIN of the smart card without authorization. CVE-2008-2235 NOTE: Already initialized cards are still vulnerable after this update. Please use the command-li...
[SECURITY] [DSA 1627-2] New opensc package fix incomplete check
------------------------------------------------------------------------ Debian Security Advisory DSA-1627-2 [email protected] http://www.debian.org/security/ Thijs Kinkhorst August 31, 2008 http://www.debian.org/security/faq -...
Debian Security Advisory DSA 1627-1 (opensc)
The remote host is missing an update to opensc announced via advisory DSA 1627-1. This VT has been deprecated and merged into the VT SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Debian DSA-1627-2 : opensc - programming error
Chaskiel M Grundman discovered that opensc, a library and utilities to handle smart cards, would initialise smart cards with the Siemens CardOS M4 card operating system without proper access rights. This allowed everyone to change the card's PIN. With this bug anyone can change a user PIN without...
[SECURITY] [DSA 1627-1] New opensc packages fix smart card vulnerability
------------------------------------------------------------------------ Debian Security Advisory DSA-1627-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst August 04, 2008 http://www.debian.org/security/faq -...