Executive Summary
Informations | |||
---|---|---|---|
Name | MDVSA-2010:189 | First vendor Publication | 2010-09-24 |
Vendor | Mandriva | Last vendor Modification | 2010-09-24 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:L/Au:S/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 6.8 | Attack Range | Local |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 3.1 | Authentication | Requires single instance |
Calculate full CVSS 2.0 Vectors scores |
Detail
Multiple vulnerabilities has been found and corrected in pcsc-lite: The MSGFunctionDemarshall function in winscard_svc.c in the PC/SC Smart Card daemon (aka PCSCD) in MUSCLE PCSC-Lite before 1.5.4 might allow local users to cause a denial of service (daemon crash) via crafted SCARD_SET_ATTRIB message data, which is improperly demarshalled and triggers a buffer over-read, a related issue to CVE-2010-0407 (CVE-2009-4901). Buffer overflow in the MSGFunctionDemarshall function in winscard_svc.c in the PC/SC Smart Card daemon (aka PCSCD) in MUSCLE PCSC-Lite 1.5.4 and earlier might allow local users to gain privileges via crafted SCARD_CONTROL message data, which is improperly demarshalled. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-0407 (CVE-2009-4902). Multiple buffer overflows in the MSGFunctionDemarshall function in winscard_svc.c in the PC/SC Smart Card daemon (aka PCSCD) in MUSCLE PCSC-Lite before 1.5.4 allow local users to gain privileges via crafted message data, which is improperly demarshalled (CVE-2010-0407). Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct these issues. |
Original Source
Url : http://www.mandriva.com/security/advisories?name=MDVSA-2010:189 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:11359 | |||
Oval ID: | oval:org.mitre.oval:def:11359 | ||
Title: | DSA-2059 pcsc-lite -- buffer overflow | ||
Description: | It was discovered that PCSCD, a daemon to access smart cards, was vulnerable to a buffer overflow allowing a local attacker to elevate his privileges to root. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2059 CVE-2010-0407 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | pcsc-lite |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13054 | |||
Oval ID: | oval:org.mitre.oval:def:13054 | ||
Title: | USN-969-1 -- pcsc-lite vulnerability | ||
Description: | It was discovered that the PC/SC service did not correctly handle malformed messages. A local attacker could exploit this to execute arbitrary code with root privileges. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-969-1 CVE-2009-4901 CVE-2009-4902 CVE-2010-0407 | Version: | 5 |
Platform(s): | Ubuntu 10.04 Ubuntu 9.04 Ubuntu 9.10 | Product(s): | pcsc-lite |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13060 | |||
Oval ID: | oval:org.mitre.oval:def:13060 | ||
Title: | DSA-2059-2 pcsc-lite -- buffer overflow | ||
Description: | The update for PCSCD caused a regression with some card readers. This update corrects that regression. The full advisory is below for completeness. It was discovered that PCSCD, a daemon to access smart cards, was vulnerable to a buffer overflow allowing a local attacker to elevate his privileges to root. For the stable distribution, this problem has been fixed in version 1.4.102-1+lenny3. For the unstable distribution, this problem has been fixed in version 1.5.4-1. We recommend that you upgrade your pcsc-lite package. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2059-2 CVE-2010-0407 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | pcsc-lite |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13315 | |||
Oval ID: | oval:org.mitre.oval:def:13315 | ||
Title: | DSA-2059-1 pcsc-lite -- buffer overflow | ||
Description: | It was discovered that PCSCD, a daemon to access smart cards, was vulnerable to a buffer overflow allowing a local attacker to elevate his privileges to root. For the stable distribution, this problem has been fixed in version 1.4.102-1+lenny1. For the unstable distribution, this problem has been fixed in version 1.5.4-1. We recommend that you upgrade your pcsc-lite package. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2059-1 CVE-2010-0407 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | pcsc-lite |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22253 | |||
Oval ID: | oval:org.mitre.oval:def:22253 | ||
Title: | RHSA-2010:0533: pcsc-lite security update (Moderate) | ||
Description: | Multiple buffer overflows in the MSGFunctionDemarshall function in winscard_svc.c in the PC/SC Smart Card daemon (aka PCSCD) in MUSCLE PCSC-Lite before 1.5.4 allow local users to gain privileges via crafted message data, which is improperly demarshalled. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2010:0533-01 CESA-2010:0533 CVE-2009-4901 CVE-2010-0407 | Version: | 29 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | pcsc-lite |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22818 | |||
Oval ID: | oval:org.mitre.oval:def:22818 | ||
Title: | ELSA-2010:0533: pcsc-lite security update (Moderate) | ||
Description: | Multiple buffer overflows in the MSGFunctionDemarshall function in winscard_svc.c in the PC/SC Smart Card daemon (aka PCSCD) in MUSCLE PCSC-Lite before 1.5.4 allow local users to gain privileges via crafted message data, which is improperly demarshalled. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010:0533-01 CVE-2009-4901 CVE-2010-0407 | Version: | 13 |
Platform(s): | Oracle Linux 5 | Product(s): | pcsc-lite |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27498 | |||
Oval ID: | oval:org.mitre.oval:def:27498 | ||
Title: | DEPRECATED: ELSA-2010-0533 -- pcsc-lite security update (moderate) | ||
Description: | [1.4.4-4] - Fix second typo in overflow patch from upstream [1.4.4-3] - Fix typo in patch [1.4.4-2] - Fix buffer overflow issues | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010-0533 CVE-2009-4901 CVE-2010-0407 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | pcsc-lite |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2011-08-09 | Name : CentOS Update for pcsc-lite CESA-2010:0533 centos5 i386 File : nvt/gb_CESA-2010_0533_pcsc-lite_centos5_i386.nasl |
2010-10-01 | Name : Mandriva Update for pcsc-lite MDVSA-2010:189 (pcsc-lite) File : nvt/gb_mandriva_MDVSA_2010_189.nasl |
2010-08-06 | Name : Ubuntu Update for pcsc-lite vulnerability USN-969-1 File : nvt/gb_ubuntu_USN_969_1.nasl |
2010-07-16 | Name : RedHat Update for pcsc-lite RHSA-2010:0533-01 File : nvt/gb_RHSA-2010_0533-01_pcsc-lite.nasl |
2010-07-16 | Name : Fedora Update for pcsc-lite FEDORA-2010-10764 File : nvt/gb_fedora_2010_10764_pcsc-lite_fc12.nasl |
2010-07-06 | Name : Debian Security Advisory DSA 2059-1 (pcsc-lite) File : nvt/deb_2059_1.nasl |
2010-06-18 | Name : Fedora Update for pcsc-lite FEDORA-2010-10014 File : nvt/gb_fedora_2010_10014_pcsc-lite_fc12.nasl |
2010-06-18 | Name : Fedora Update for pcsc-lite FEDORA-2010-9995 File : nvt/gb_fedora_2010_9995_pcsc-lite_fc11.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
65659 | PCSC-Lite PC/SC Smart Card Daemon winscard_svc.c MSGFunctionDemarshall Functi... |
65658 | PCSC-Lite PC/SC Smart Card Daemon winscard_svc.c MSGFunctionDemarshall Functi... |
56188 | PCSC-Lite pcscd /var/run/pcscd.events/ Permission Weakness Local DoS |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2015-07-16 | IAVM : 2015-A-0150 - Multiple Security Vulnerabilities in Juniper Networks CTPView Severity : Category I - VMSKEY : V0061073 |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_libpcsclite1-100811.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0533.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100714_pcsc_lite_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2011-01-21 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_pcsc-lite-100706.nasl - Type : ACT_GATHER_INFO |
2010-12-02 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_pcsc-lite-100705.nasl - Type : ACT_GATHER_INFO |
2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_pcsc-lite-7092.nasl - Type : ACT_GATHER_INFO |
2010-09-27 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-189.nasl - Type : ACT_GATHER_INFO |
2010-09-16 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_pcsc-lite-100705.nasl - Type : ACT_GATHER_INFO |
2010-08-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_libpcsclite1-100811.nasl - Type : ACT_GATHER_INFO |
2010-08-06 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-969-1.nasl - Type : ACT_GATHER_INFO |
2010-07-28 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0533.nasl - Type : ACT_GATHER_INFO |
2010-07-16 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0533.nasl - Type : ACT_GATHER_INFO |
2010-07-14 | Name : The remote Fedora host is missing a security update. File : fedora_2010-10764.nasl - Type : ACT_GATHER_INFO |
2010-07-01 | Name : The remote Fedora host is missing a security update. File : fedora_2010-10014.nasl - Type : ACT_GATHER_INFO |
2010-07-01 | Name : The remote Fedora host is missing a security update. File : fedora_2010-9995.nasl - Type : ACT_GATHER_INFO |
2010-06-11 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2059.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:41:45 |
|
2013-05-11 00:48:18 |
|