Lucene search
K

33 matches found

OSV
OSV
added 2021/08/10 11:54 a.m.15 views

ALBA-2021:3049 pcsc-lite bug fix and enhancement update

PC/SC Lite provides a Windows SCard compatible interface for communicating with smart cards, smart card readers, and other security tokens. Bug Fixes: Increase global reader array size to 48 to address issue with RHCS secure channel creation BZ1972569 Increase global reader array size to 48 to...

7.2AI score
Exploits0References1
AlmaLinux
AlmaLinux
added 2021/08/10 11:54 a.m.20 views

pcsc-lite bug fix and enhancement update

PC/SC Lite provides a Windows SCard compatible interface for communicating with smart cards, smart card readers, and other security tokens. Bug Fixes: Increase global reader array size to 48 to address issue with RHCS secure channel creation BZ1972569 Increase global reader array size to 48 to...

1.4AI score
Exploits0References1
Veracode
Veracode
added 2020/04/10 12:49 a.m.19 views

Buffer Overflows

PC/SC Lite is vulnerable to buffer overflow in the way the pcscd daemon. It is due to a resource manager that coordinates communications with smart card readers and smart cards connected to the system, handled client requests. A local user could create a specially-crafted request that would cause...

6.8CVSS4.5AI score0.00394EPSS
Exploits0References16Affected Software1
Veracode
Veracode
added 2020/04/10 12:49 a.m.20 views

Denial Of Service (DoS)

PC/SC Lite is vulnerable to Denial Of Service DoS.It is possible due to the way the pcscd daemon coordinates communications with smart card readers and smart cards connected to the system, handled client requests. A local user could create a specially-crafted request that would cause the pcscd...

2.1CVSS4.6AI score0.0037EPSS
Exploits0References13Affected Software1
Fedora
Fedora
added 2019/04/16 4:4 a.m.12 views

[SECURITY] Fedora 29 Update: pcsc-lite-1.8.25-1.fc29

The purpose of PC/SC Lite is to provide a WindowsR SCard interface in a very small form factor for communicating to smartcards and readers. PC/SC Lite uses the same winscard API as used under WindowsR. This package includes the PC/SC Lite daemon, a resource manager that coordinates communications...

2.6AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/07/27 12:0 a.m.57 views

JVN#16136413: Installers of Sony PaSoRi related software may insecurely load Dynamic Link Libraries

PaSoRi provided by Sony Corporation is contactless IC card reader/writer. Installers of PaSoRi driver and other related software for Windows contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with t...

9.3CVSS7.8AI score0.0108EPSS
Exploits0
Kitploit
Kitploit
added 2014/12/09 2:34 a.m.19 views

THC-SmartBrute - Finds undocumented and secret commands implemented in a smartcard

This tool finds undocumented and secret commands implemented in a smartcard. An instruction is divided into Class CLA, Instruction-Number INS and the parameters or arguments P1, P2, P3. THC-SMARTBRUTE iterates through all the possible values of CLA and INS to find a valid combination. Furthermore...

7.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2013/10/11 12:0 a.m.18 views

Scientific Linux Security Update : ccid on SL5.x i386/x86_64 (20130930)

An integer overflow, leading to an array index error, was found in the way the CCID driver processed a smart card's serial number. A local attacker could use this flaw to execute arbitrary code with the privileges of the user running the PC/SC Lite pcscd daemon root, by default, by inserting a...

4.4CVSS6AI score0.00542EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2013/03/05 12:0 a.m.21 views

Scientific Linux Security Update : ccid on SL6.x i386/x86_64 (20130221)

An integer overflow, leading to an array index error, was found in the way the CCID driver processed a smart card's serial number. A local attacker could use this flaw to execute arbitrary code with the privileges of the user running the PC/SC Lite pcscd daemon root, by default, by inserting a...

4.4CVSS5.9AI score0.00542EPSS
Exploits0References2
Cent OS
Cent OS
added 2013/02/27 7:34 p.m.67 views

ccid security update

CentOS Errata and Security Advisory CESA-2013:0523 An updated ccid package that fixes one security issue and one bug are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS...

4.4CVSS6.2AI score0.00542EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2013/02/22 12:0 a.m.14 views

RedHat Update for ccid RHSA-2013:0523-02

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

4.4CVSS6.4AI score0.00542EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2013/02/20 4:20 p.m.28 views

Low: Red Hat Security Advisory: ccid security and bug fix update

An updated ccid package that fixes one security issue and one bug are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating...

4.4CVSS6.2AI score0.00542EPSS
Exploits0References2
Fedora
Fedora
added 2011/01/13 11:35 p.m.18 views

[SECURITY] Fedora 14 Update: pcsc-lite-1.6.4-3.fc14

The purpose of PC/SC Lite is to provide a WindowsR SCard interface in a very small form factor for communicating to smartcards and readers. PC/SC Lite uses the same winscard API as used under WindowsR. This package includes the PC/SC Lite daemon, a resource manager that coordinates communications...

4.4CVSS2.6AI score0.00498EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2010/09/27 12:0 a.m.30 views

Mandriva Linux Security Advisory : pcsc-lite (MDVSA-2010:189)

Multiple vulnerabilities has been found and corrected in pcsc-lite : The MSGFunctionDemarshall function in winscardsvc.c in the PC/SC Smart Card daemon aka PCSCD in MUSCLE PCSC-Lite before 1.5.4 might allow local users to cause a denial of service daemon crash via crafted SCARDSETATTRIB message...

6.8CVSS5.7AI score0.00394EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2010/08/06 12:0 a.m.26 views

Ubuntu 9.04 / 9.10 / 10.04 LTS : pcsc-lite vulnerability (USN-969-1)

It was discovered that the PC/SC service did not correctly handle malformed messages. A local attacker could exploit this to execute arbitrary code with root privileges. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory...

6.8CVSS5.5AI score0.00394EPSS
Exploits0References4
Cent OS
Cent OS
added 2010/07/15 9:11 a.m.69 views

pcsc security update

CentOS Errata and Security Advisory CESA-2010:0533 Updated pcsc-lite packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS...

6.8CVSS6.2AI score0.00394EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2010/07/14 5:0 p.m.24 views

Moderate: Red Hat Security Advisory: pcsc-lite security update

Updated pcsc-lite packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, a...

6.8CVSS6.2AI score0.00394EPSS
Exploits0References2
NVD
NVD
added 2010/06/18 4:30 p.m.15 views

CVE-2009-4902

Buffer overflow in the MSGFunctionDemarshall function in winscardsvc.c in the PC/SC Smart Card daemon aka PCSCD in MUSCLE PCSC-Lite 1.5.4 and earlier might allow local users to gain privileges via crafted SCARDCONTROL message data, which is improperly demarshalled. NOTE: this vulnerability exists...

6.8CVSS6.5AI score0.00379EPSS
Exploits0References11
NVD
NVD
added 2010/06/18 4:30 p.m.19 views

CVE-2010-0407

Multiple buffer overflows in the MSGFunctionDemarshall function in winscardsvc.c in the PC/SC Smart Card daemon aka PCSCD in MUSCLE PCSC-Lite before 1.5.4 allow local users to gain privileges via crafted message data, which is improperly demarshalled...

6.8CVSS6.3AI score0.00394EPSS
Exploits0References14
Prion
Prion
added 2010/06/18 4:30 p.m.19 views

Buffer overflow

Buffer overflow in the MSGFunctionDemarshall function in winscardsvc.c in the PC/SC Smart Card daemon aka PCSCD in MUSCLE PCSC-Lite 1.5.4 and earlier might allow local users to gain privileges via crafted SCARDCONTROL message data, which is improperly demarshalled. NOTE: this vulnerability exists...

6.8CVSS6.6AI score0.00394EPSS
Exploits0References11Affected Software1
Rows per page
Query Builder