MiracleLinux 4 : ccid-1.3.9-6.AXS4 (AXSA:2013-120:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2013-120:01 advisory. Generic USB CCID Chip/Smart Card Interface Devices driver. Security issues fixed with this release: CVE-2010-4530 Signedness error in ccidserial.c in libccid ...

Oracle: Security Advisory (ELSA-2013-0523)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Gentoo Security Advisory GLSA 201401-16

Gentoo Linux Local Security Checks GLSA 201401-16 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

CentOS 5 : ccid (CESA-2013:1323)

An updated ccid package that fixes one security issue and one bug is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...

openSUSE Security Update : libpcsclite1 (openSUSE-SU-2011:0092-1)

An integer overflow in pcsc-ccid and a buffer overflow in pcsc-lite while handling smart card responses have been fixed. CVE-2010-4530 and CVE-2010-4531 have been assigned to these issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...

Scientific Linux Security Update : ccid on SL5.x i386/x86_64 (20130930)

An integer overflow, leading to an array index error, was found in the way the CCID driver processed a smart card's serial number. A local attacker could use this flaw to execute arbitrary code with the privileges of the user running the PC/SC Lite pcscd daemon root, by default, by inserting a...

RedHat Update for ccid RHSA-2013:1323-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 5 : ccid (RHSA-2013:1323)

An updated ccid package that fixes one security issue and one bug is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...

CentOS Update for ccid CESA-2013:0523 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CentOS 6 : ccid (CESA-2013:0523)

An updated ccid package that fixes one security issue and one bug are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating...

Scientific Linux Security Update : ccid on SL6.x i386/x86_64 (20130221)

An integer overflow, leading to an array index error, was found in the way the CCID driver processed a smart card's serial number. A local attacker could use this flaw to execute arbitrary code with the privileges of the user running the PC/SC Lite pcscd daemon root, by default, by inserting a...

ccid security update

CentOS Errata and Security Advisory CESA-2013:0523 An updated ccid package that fixes one security issue and one bug are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS...

RedHat Update for ccid RHSA-2013:0523-02

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

RHEL 6 : ccid (RHSA-2013:0523)

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2013:0523 advisory. Chip/Smart Card Interface Devices CCID is a USB smart card reader standard followed by most modern smart card readers. The ccid package provides a...

Low: Red Hat Security Advisory: ccid security and bug fix update

An updated ccid package that fixes one security issue and one bug are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating...

openSUSE Security Update : libpcsclite1 (openSUSE-SU-2011:0092-1)

An integer overflow in pcsc-ccid and a buffer overflow in pcsc-lite while handling smart card responses have been fixed. CVE-2010-4530 and CVE-2010-4531 have been assigned to these issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...

SuSE 11.1 Security Update : pcsc-lite (SAT Patch Number 3889)

An integer overflow in pcsc-ccid and a buffer overflow in pcsc-lite while handling smart card responses have been fixed. CVE-2010-4530 / CVE-2010-4531 have been assigned to these issues. Additionally a new device ID for card readers was added. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

[ MDVSA-2011:014 ] ccid

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2011:014 http://www.mandriva.com/security/ Package : ccid Date : January 20, 2011 Affected: Corporate 4.0 Problem Description: A vulnerability has been found and corrected in ccid: Signedness error in ccidserial....

CVE-2010-4530

Signedness error in ccidserial.c in libccid in the USB Chip/Smart Card Interface Devices CCID driver, as used in pcscd in PCSC-Lite 1.5.3 and possibly other products, allows physically proximate attackers to execute arbitrary code via a smart card with a crafted serial number that causes a negati...

CVE-2010-4530

CVE-2010-4530 affects the USB CCID driver (libccid) within the Generic USB Chip/Smart Card Interface Devices stack, notably in pcscd/PCSC-Lite 1.5.3 and related packages. The issue is triggered in ccid_serial.c by processing a smart card serial number, where a crafted negative value can be used i...