27 matches found
EUVD-2008-2232
Malware in sbrugna...
SuSE9 Security Update : opensc (YOU Patch Number 12216)
This update fix a security issues with opensc that occurs during initializing blank smart cards with Siemens CardOS M4. It allows to set the PIN of the smart card without authorization. CVE-2008-2235 NOTE: Already initialized cards are still vulnerable after this update. Please use the command-li...
SuSE 10 Security Update : opensc (ZYPP Patch Number 5910)
This update fixes a security issues with opensc that occured when initializing blank smart cards with Siemens CardOS M4. After the initialization anyone could set the PIN of the smart card without authorization. CVE-2008-2235 NOTE: Already initialized cards are still vulnerable after this update...
SuSE9 Security Update : opensc, opensc-devel (YOU Patch Number 12240)
This revised update fixes a security issue with opensc that occurs when initializing blank smart cards with Siemens CardOS M4. After initialization, anyone could set the PIN of the smart card without authorization. CVE-2008-2235 NOTE: cards already initialized with the old version are still...
openSUSE Security Update : libopensc2 (libopensc2-186)
This update fixes a security issues with opensc that occured when initializing blank smart cards with Siemens CardOS M4. After the initialization anyone could set the PIN of the smart card without authorization CVE-2008-2235. NOTE: Already initialized cards are still vulnerable after this update...
openSUSE Security Update : libopensc2 (libopensc2-130)
This update fixes a security issues with opensc that occurs during initializing blank smart cards with Siemens CardOS M4. It allows to set the PIN of the smart card without authorization. CVE-2008-2235 NOTE: Already initialized cards are still vulnerable after this update. Please use the...
Mandriva Linux Security Advisory : opensc (MDVSA-2008:183)
Chaskiel M Grundman found that OpenSC would initialize smart cards with the Siemens CardOS M4 card operating system without proper access rights. This allowed everyone to change the card's PIN without first having the PIN or PUK, or the superuser's PIN or PUK CVE-2008-2235. Please note that this...
Mandriva Update for opensc MDVSA-2008:183 (opensc)
Check for the Version of opensc OpenVAS Vulnerability Test Mandriva Update for opensc MDVSA-2008:183 opensc Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...
GLSA-200812-09 : OpenSC: Insufficient protection of smart card PIN
The remote host is affected by the vulnerability described in GLSA-200812-09 OpenSC: Insufficient protection of smart card PIN Chaskiel M Grundman reported that OpenSC uses weak permissions ADMIN file control information of 00 for the 5015 directory on smart cards and USB crypto tokens running...
OpenSC: Insufficient protection of smart card PIN
Background OpenSC is a smart card application that allows reading and writing via PKCS11. Description Chaskiel M Grundman reported that OpenSC uses weak permissions ADMIN file control information of 00 for the 5015 directory on smart cards and USB crypto tokens running Siemens CardOS M4. Impact A...
SuSE 10 Security Update : opensc, opensc-devel (ZYPP Patch Number 5588)
This update fixes a security issues with opensc that occured when initializing blank smart cards with Siemens CardOS M4. After the initialization anyone could set the PIN of the smart card without authorization. CVE-2008-2235 NOTE: Already initialized cards are still vulnerable after this update...
Debian Security Advisory DSA 1627-2 (opensc)
The remote host is missing an update to opensc announced via advisory DSA 1627-2. OpenVAS Vulnerability Test $Id: deb16272.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1627-2 opensc Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
SuSE 10 Security Update : opensc (ZYPP Patch Number 5493)
This update fix a security issues with opensc that occurs during initializing blank smart cards with Siemens CardOS M4. It allows to set the PIN of the smart card without authorization. CVE-2008-2235 NOTE: Already initialized cards are still vulnerable after this update. Please use the command-li...
openSUSE 10 Security Update : libopensc2 (libopensc2-5494)
This update fixes a security issues with opensc that occurs during initializing blank smart cards with Siemens CardOS M4. It allows to set the PIN of the smart card without authorization. CVE-2008-2235 NOTE: Already initialized cards are still vulnerable after this update. Please use the...
[SECURITY] [DSA 1627-2] New opensc package fix incomplete check
------------------------------------------------------------------------ Debian Security Advisory DSA-1627-2 [email protected] http://www.debian.org/security/ Thijs Kinkhorst August 31, 2008 http://www.debian.org/security/faq -...
Debian Security Advisory DSA 1627-1 (opensc)
The remote host is missing an update to opensc announced via advisory DSA 1627-1. This VT has been deprecated and merged into the VT SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Debian DSA-1627-2 : opensc - programming error
Chaskiel M Grundman discovered that opensc, a library and utilities to handle smart cards, would initialise smart cards with the Siemens CardOS M4 card operating system without proper access rights. This allowed everyone to change the card's PIN. With this bug anyone can change a user PIN without...
[SECURITY] [DSA 1627-1] New opensc packages fix smart card vulnerability
------------------------------------------------------------------------ Debian Security Advisory DSA-1627-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst August 04, 2008 http://www.debian.org/security/faq -...
OpenSC CardOS M4智能卡不安全权限漏洞
BUGTRAQ ID: 30473 CVE ID:CVE-2008-2235 CNCVE ID:CNCVE-20082235 OpenSC是一款开放源代码的智能卡访问的库和工具集。 OpenSC不安全初始化基于Seimens CardOS M4的智能卡和USB加密令牌,本地攻击者可以利用漏洞无需了解已经存在的PIN或PUK号码就更改卡中的PIN值。 目前没有详细漏洞细节提供。 OpenSC 0.11.4 OpenSC OpenSC 0.11.4 OpenSC opensc-0.11.5.tar.gz...
DSA-1627-2 opensc - smart card vulnerability
Bulletin has no description...