Computer Security
[EN] securityvulns.ru no-pyccku


OpenSC protection bypass
Published:12.04.2009
Source:
SecurityVulns ID:9820
Type:local
Threat Level:
5/10
Description:It's possible to obtain access to smart card data without entering PIN.
Affected:OPENSC : OpenSC 0.11
CVE:CVE-2009-0368 (OpenSC before 0.11.7 allows physically proximate attackers to bypass intended PIN requirements and read private data objects via a (1) low level APDU command or (2) debugging tool, as demonstrated by reading the 4601 or 4701 file with the opensc-explorer or opensc-tool program.)
Original documentdocumentMANDRIVA, [ MDVSA-2009:089 ] opensc (12.04.2009)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod