36 matches found
opensc:fuzz_pkcs15_reader: Heap-buffer-overflow in coolkey_get_certificate
Project: https://github.com/OpenSC/OpenSC.git Detailed Report: https://oss-fuzz.com/testcase?key=5652332327206912 Project: opensc Fuzzing Engine: libFuzzer Fuzz Target: fuzzpkcs15reader Job Type: libfuzzerasanopensc Platform Id: linux Crash Type: Heap-buffer-overflow READ Crash Address:...
Oracle: Security Advisory (ELSA-2007-0631)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Scientific Linux Security Update : coolkey on SL5.x i386/x86_64
Steve Grubb discovered a flaw in the way coolkey created a temporary directory. A local attacker could perform a symlink attack and cause arbitrary files to be overwritten. CVE-2007-4129 In addition, the updated packages contain fixes for the following bugs in the CAC Smart Card support : - CAC...
coolkey security and bug fix update
1.1.0-5 - 1777 is not octal and does not set the correct bits should be 01777 1.1.0-4 - fix cache location to be more secure 1.1.0-3 - replace the install stuff 1.1.0-2 - Back out RHEL-4 version of spec from CVS, add pcsc-lite-lib requires. 1.1.0-1 - Pick up lates release...
CoolKey以不安全的方式创建PK11IPC1临时文件漏洞
BUGTRAQ ID: 26369 CVECAN ID: CVE-2007-4129 CoolKey是PKI解决方案的一部分,提供智能卡登录、单点登录、安全邮件访问等服务。 CoolKey在不安全的方式创建临时文件,本地攻击者可能利用此漏洞覆盖系统文件。 CoolKey以完全可写的权限创建/tmp/.pk11ipc1临时目录,该目录中的文件也是完全可写的,因此本地攻击者可以执行符号链接攻击导致覆盖任意文件。 CoolKey CoolKey 1.0.1 CoolKey CoolKey 1.0 RedHat ------...
CVE-2007-4129
CoolKey 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files in the /tmp/.pk11ipc1/ directory...
CVE-2007-4129
CoolKey 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files in the /tmp/.pk11ipc1/ directory...
Directory traversal
CoolKey 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files in the /tmp/.pk11ipc1/ directory...
CVE-2007-4129
CoolKey 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files in the /tmp/.pk11ipc1/ directory...
DEBIAN-CVE-2007-4129
CoolKey 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files in the /tmp/.pk11ipc1/ directory...
CVE-2007-4129
CoolKey 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files in the /tmp/.pk11ipc1/ directory...
CVE-2007-4129
CVE-2007-4129 affects CoolKey 1.1.0, where a local attacker can exploit a symlink in /tmp/.pk11ipc1/ to overwrite arbitrary files. This is a local impact vulnerability with the root cause in how temporary folders are created. Public sources confirm the issue and reference vendor advisories and pa...
CVE-2007-4129
CoolKey 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files in the /tmp/.pk11ipc1/ directory...
RHEL 5 : coolkey (RHSA-2007:0631)
The remote Redhat Enterprise Linux 5 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2007:0631 advisory. coolkey contains the driver support for the CoolKey and Common Access Card CAC Smart Card products. The CAC is used by the U.S. Government. Steve Gru...
Low: Red Hat Security Advisory: coolkey security and bug fix update
Updated coolkey packages that fix a security issue and various bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having low security impact by the Red Hat Security Response Team. coolkey contains the driver support for the CoolKey and Common Access Card CAC Smar...
coolkey file and directory permission flaw
CoolKey 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files in the /tmp/.pk11ipc1/ directory...