Lucene search
K

1453 matches found

OpenVAS
OpenVAS
added 2008/12/23 12:0 a.m.22 views

Gentoo Security Advisory GLSA 200812-09 (opensc)

The remote host is missing updates announced in advisory GLSA 200812-09. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.9CVSS7.6AI score0.00393EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2008/12/11 12:0 a.m.39 views

GLSA-200812-09 : OpenSC: Insufficient protection of smart card PIN

The remote host is affected by the vulnerability described in GLSA-200812-09 OpenSC: Insufficient protection of smart card PIN Chaskiel M Grundman reported that OpenSC uses weak permissions ADMIN file control information of 00 for the 5015 directory on smart cards and USB crypto tokens running...

4.9CVSS7.3AI score0.00393EPSS
Exploits1References2
Gentoo Linux
Gentoo Linux
added 2008/12/10 12:0 a.m.24 views

OpenSC: Insufficient protection of smart card PIN

Background OpenSC is a smart card application that allows reading and writing via PKCS11. Description Chaskiel M Grundman reported that OpenSC uses weak permissions ADMIN file control information of 00 for the 5015 directory on smart cards and USB crypto tokens running Siemens CardOS M4. Impact A...

4.9CVSS6.2AI score0.00393EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2008/09/23 12:0 a.m.20 views

openSUSE 10 Security Update : libopensc2 (libopensc2-5587)

This update fixes a security issues with opensc that occured when initializing blank smart cards with Siemens CardOS M4. After the initialization anyone could set the PIN of the smart card without authorization CVE-2008-2235. NOTE: Already initialized cards are still vulnerable after this update...

4.9CVSS7.2AI score0.00393EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2008/09/23 12:0 a.m.23 views

SuSE 10 Security Update : opensc, opensc-devel (ZYPP Patch Number 5588)

This update fixes a security issues with opensc that occured when initializing blank smart cards with Siemens CardOS M4. After the initialization anyone could set the PIN of the smart card without authorization. CVE-2008-2235 NOTE: Already initialized cards are still vulnerable after this update...

4.9CVSS7.2AI score0.00393EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2008/09/17 12:0 a.m.23 views

Debian Security Advisory DSA 1627-2 (opensc)

The remote host is missing an update to opensc announced via advisory DSA 1627-2. OpenVAS Vulnerability Test $Id: deb16272.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1627-2 opensc Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

4.9CVSS0.5AI score0.00393EPSS
Exploits1
OpenVAS
OpenVAS
added 2008/09/17 12:0 a.m.13 views

Debian: Security Advisory (DSA-1627-2)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.6CVSS7.6AI score0.00393EPSS
Exploits1References3
OSV
OSV
added 2008/09/11 1:13 a.m.5 views

DEBIAN-CVE-2008-3972

pkcs15-tool in OpenSC before 0.11.6 does not apply security updates to a smart card unless the card's label matches the "OpenSC" string, which might allow physically proximate attackers to exploit vulnerabilities that the card owner expected were patched, as demonstrated by exploitation of...

6.6CVSS6.9AI score0.00369EPSS
Exploits0References1
OSV
OSV
added 2008/09/11 1:13 a.m.12 views

CVE-2008-3972

pkcs15-tool in OpenSC before 0.11.6 does not apply security updates to a smart card unless the card's label matches the "OpenSC" string, which might allow physically proximate attackers to exploit vulnerabilities that the card owner expected were patched, as demonstrated by exploitation of...

6.4AI score0.00369EPSS
Exploits0References7
NVD
NVD
added 2008/09/11 1:13 a.m.22 views

CVE-2008-3972

pkcs15-tool in OpenSC before 0.11.6 does not apply security updates to a smart card unless the card's label matches the "OpenSC" string, which might allow physically proximate attackers to exploit vulnerabilities that the card owner expected were patched, as demonstrated by exploitation of...

6.6CVSS6.3AI score0.00369EPSS
Exploits0References7
Prion
Prion
added 2008/09/11 1:13 a.m.24 views

Design/Logic Flaw

pkcs15-tool in OpenSC before 0.11.6 does not apply security updates to a smart card unless the card's label matches the "OpenSC" string, which might allow physically proximate attackers to exploit vulnerabilities that the card owner expected were patched, as demonstrated by exploitation of...

6.6CVSS6.5AI score0.00393EPSS
Exploits1References7Affected Software1
UbuntuCve
UbuntuCve
added 2008/09/11 1:13 a.m.17 views

CVE-2008-3972

pkcs15-tool in OpenSC before 0.11.6 does not apply security updates to a smart card unless the card's label matches the "OpenSC" string, which might allow physically proximate attackers to exploit vulnerabilities that the card owner expected were patched, as demonstrated by exploitation of...

6.6CVSS5.9AI score0.00369EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2008/09/10 3:0 p.m.54 views

CVE-2008-3972

pkcs15-tool in OpenSC before 0.11.6 does not apply security updates to a smart card unless the card's label matches the "OpenSC" string, which might allow physically proximate attackers to exploit vulnerabilities that the card owner expected were patched, as demonstrated by exploitation of...

6.6CVSS6.4AI score0.00369EPSS
Exploits0
CVE
CVE
added 2008/09/10 3:0 p.m.60 views

CVE-2008-3972

CVE-2008-3972 relates to OpenSC prior to 0.11.6 where security updates to a smart card are not applied unless the card label matches “OpenSC”; this can allow physically proximate attackers to bypass patched vulnerabilities (as linked to CVE-2008-2235). Connected OpenVAS entries show SLES9/SLES10 ...

6.6CVSS6.3AI score0.00369EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2008/09/10 3:0 p.m.31 views

CVE-2008-3972

pkcs15-tool in OpenSC before 0.11.6 does not apply security updates to a smart card unless the card's label matches the "OpenSC" string, which might allow physically proximate attackers to exploit vulnerabilities that the card owner expected were patched, as demonstrated by exploitation of...

7.5AI score0.00369EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2008/09/03 12:0 a.m.19 views

SuSE 10 Security Update : opensc (ZYPP Patch Number 5493)

This update fix a security issues with opensc that occurs during initializing blank smart cards with Siemens CardOS M4. It allows to set the PIN of the smart card without authorization. CVE-2008-2235 NOTE: Already initialized cards are still vulnerable after this update. Please use the command-li...

4.9CVSS7.2AI score0.00393EPSS
Exploits1References2
Debian
Debian
added 2008/08/31 10:37 a.m.46 views

[SECURITY] [DSA 1627-2] New opensc package fix incomplete check

------------------------------------------------------------------------ Debian Security Advisory DSA-1627-2 [email protected] http://www.debian.org/security/ Thijs Kinkhorst August 31, 2008 http://www.debian.org/security/faq -...

4.9CVSS6.2AI score0.00393EPSS
Exploits1
OpenVAS
OpenVAS
added 2008/08/15 12:0 a.m.8 views

Debian Security Advisory DSA 1627-1 (opensc)

The remote host is missing an update to opensc announced via advisory DSA 1627-1. This VT has been deprecated and merged into the VT SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

4.9CVSS7.5AI score0.00393EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2008/08/05 12:0 a.m.27 views

Debian DSA-1627-2 : opensc - programming error

Chaskiel M Grundman discovered that opensc, a library and utilities to handle smart cards, would initialise smart cards with the Siemens CardOS M4 card operating system without proper access rights. This allowed everyone to change the card's PIN. With this bug anyone can change a user PIN without...

4.9CVSS7.1AI score0.00393EPSS
Exploits1References2
Debian
Debian
added 2008/08/04 9:0 a.m.69 views

[SECURITY] [DSA 1627-1] New opensc packages fix smart card vulnerability

------------------------------------------------------------------------ Debian Security Advisory DSA-1627-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst August 04, 2008 http://www.debian.org/security/faq -...

4.9CVSS6.3AI score0.00393EPSS
Exploits1
Rows per page
Query Builder