8 matches found
Linux Distros Unpatched Vulnerability : CVE-2009-4901
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The MSGFunctionDemarshall function in winscardsvc.c in the PC/SC Smart Card daemon aka PCSCD in MUSCLE PCSC-Lite before 1.5.4 might allow local users to cause a...
openSUSE Security Update : libpcsclite1 (openSUSE-SU-2010:0500-1)
This update of pcsc-liste fixes two vulnerabilities : - CVE-2009-4901: local denial of service daemon crash via crafted SCARDSETATTRIB message data, a related issue to CVE-2010-0407. - CVE-2009-4902: a buffer overflow might allow local users to gain privileges via crafted SCARDCONTROL message dat...
openSUSE Security Update : libpcsclite1 (openSUSE-SU-2010:0500-1)
This update of pcsc-liste fixes two vulnerabilities : - CVE-2009-4901: local denial of service daemon crash via crafted SCARDSETATTRIB message data, a related issue to CVE-2010-0407. - CVE-2009-4902: a buffer overflow might allow local users to gain privileges via crafted SCARDCONTROL message dat...
RHEL 5 : pcsc-lite (RHSA-2010:0533)
The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2010:0533 advisory. - pcsc-lite: Privilege escalation via specially-crafted client to PC/SC Smart Card daemon messages CVE-2009-4901, CVE-2010-0407 Note that...
pcsc security update
CentOS Errata and Security Advisory CESA-2010:0533 Updated pcsc-lite packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS...
Fedora 12 : pcsc-lite-1.5.2-4.fc12 (2010-10014)
An update to address a buffer overflow which could allow a local attacker to elevate privileges. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...
CVE-2009-4901
PCSC-Lite (pcscd) before version 1.5.4 is affected by two VMs: CVE-2009-4901 (denial of service via crafted SCARD_SET_ATTRIB data) and CVE-2010-0407 (privilege escalation via crafted message data). The root cause is in MSGFunctionDemarshall in winscard_svc.c, where improper demarshalling leads to...
Debian DSA-2059-1 : pcsc-lite - buffer overflow
It was discovered that PCSCD, a daemon to access smart cards, was vulnerable to a buffer overflow allowing a local attacker to elevate his privileges to root. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...