OpenSC CardOS M4 Smart Cards Insecure Permissions Vulnerability
BID:30473
Info
| Bugtraq ID: | 30473 |
| Class: | Design Error |
| CVE: | CVE-2008-2235 |
| Remote: | No |
| Local: | Yes |
| Published: | Jul 31 2008 12:00AM |
| Updated: | Apr 13 2015 09:59PM |
| Credit: | Chaskiel M Grundman |
| Vulnerable: | SuSE SUSE Linux Enterprise Server 10 SP2; S.u.S.E. openSUSE 11.0; S.u.S.E. openSUSE 10.3; S.u.S.E. openSUSE 10.2; Pardus Linux 2008 0; OpenSC OpenSC 0.11.5; OpenSC OpenSC 0.11.4; Mandriva Linux Mandrake 2008.1 x86_64; Mandriva Linux Mandrake 2008.1; Mandriva Linux Mandrake 2008.0 x86_64; Mandriva Linux Mandrake 2008.0; Mandriva Linux Mandrake 2007.1 x86_64; Mandriva Linux Mandrake 2007.1; MandrakeSoft Corporate Server 4.0 x86_64; MandrakeSoft Corporate Server 4.0; Gentoo Linux; Debian Linux 4.0 sparc; Debian Linux 4.0 s/390; Debian Linux 4.0 powerpc; Debian Linux 4.0 mipsel; Debian Linux 4.0 mips; Debian Linux 4.0 m68k; Debian Linux 4.0 ia-64; Debian Linux 4.0 ia-32; Debian Linux 4.0 hppa; Debian Linux 4.0 arm; Debian Linux 4.0 amd64; Debian Linux 4.0 alpha; Debian Linux 4.0 |
| Not Vulnerable: | OpenSC OpenSC 0.11.6 |
Discussion
OpenSC insecurely initializes smart cards and USB crypto tokens based on Siemens CardOS M4.
Attackers can leverage this issue to change the PIN on a card without knowledge of the existing PIN or PUK. Successfully exploiting this issue allows attackers to use the card in further attacks.
NOTE: This issue cannot be leveraged to recover an existing PIN.
This issue affects versions prior to OpenSC 0.11.6.
Exploit / POC
Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Solution:
The vendor released OpenSC 0.11.6 to address this issue. Please see the references for more information.
Mandriva Linux Mandrake 2008.1 x86_64
- Mandriva lib64opensc-devel-0.11.3-2.1mdv2008.1.x86_64.rpm: http://www.mandriva.com/en/download/
- Mandriva lib64opensc2-0.11.3-2.1mdv2008.1.x86_64.rpm: http://www.mandriva.com/en/download/
- Mandriva mozilla-plugin-opensc-0.11.3-2.1mdv2008.1.x86_64.rpm: http://www.mandriva.com/en/download/
- Mandriva opensc-0.11.3-2.1mdv2008.1.x86_64.rpm: http://www.mandriva.com/en/download/
Mandriva Linux Mandrake 2008.1
- Mandriva libopensc-devel-0.11.3-2.1mdv2008.1.i586.rpm: http://www.mandriva.com/en/download/
- Mandriva libopensc2-0.11.3-2.1mdv2008.1.i586.rpm: http://www.mandriva.com/en/download/
- Mandriva mozilla-plugin-opensc-0.11.3-2.1mdv2008.1.i586.rpm: http://www.mandriva.com/en/download/
- Mandriva opensc-0.11.3-2.1mdv2008.1.i586.rpm: http://www.mandriva.com/en/download/
MandrakeSoft Corporate Server 4.0
- Mandriva libopensc2-0.10.1-2.1.20060mlcs4.i586.rpm: http://www.mandriva.com/en/download/
- Mandriva libopensc2-devel-0.10.1-2.1.20060mlcs4.i586.rpm: http://www.mandriva.com/en/download/
- Mandriva mozilla-plugin-opensc-0.10.1-2.1.20060mlcs4.i586.rpm: http://www.mandriva.com/en/download/
- Mandriva opensc-0.10.1-2.1.20060mlcs4.i586.rpm: http://www.mandriva.com/en/download/
Mandriva Linux Mandrake 2008.0 x86_64
- Mandriva lib64opensc-devel-0.11.3-2.1mdv2008.0.x86_64.rpm: http://www.mandriva.com/en/download/
- Mandriva lib64opensc2-0.11.3-2.1mdv2008.0.x86_64.rpm: http://www.mandriva.com/en/download/
- Mandriva mozilla-plugin-opensc-0.11.3-2.1mdv2008.0.x86_64.rpm: http://www.mandriva.com/en/download/
- Mandriva opensc-0.11.3-2.1mdv2008.0.x86_64.rpm: http://www.mandriva.com/en/download/
Mandriva Linux Mandrake 2008.0
- Mandriva libopensc-devel-0.11.3-2.1mdv2008.0.i586.rpm: http://www.mandriva.com/en/download/
- Mandriva libopensc2-0.11.3-2.1mdv2008.0.i586.rpm: http://www.mandriva.com/en/download/
- Mandriva mozilla-plugin-opensc-0.11.3-2.1mdv2008.0.i586.rpm: http://www.mandriva.com/en/download/
- Mandriva opensc-0.11.3-2.1mdv2008.0.i586.rpm: http://www.mandriva.com/en/download/
Mandriva Linux Mandrake 2007.1
- Mandriva mozilla-plugin-opensc-0.11.1-3.1mdv2007.1.i586.rpm: http://www.mandriva.com/en/download/
- Mandriva opensc-0.11.1-3.1mdv2007.1.i586.rpm: http://www.mandriva.com/en/download/
Mandriva Linux Mandrake 2007.1 x86_64
- Mandriva mozilla-plugin-opensc-0.11.1-3.1mdv2007.1.x86_64.rpm: http://www.mandriva.com/en/download/
- Mandriva opensc-0.11.1-3.1mdv2007.1.x86_64.rpm: http://www.mandriva.com/en/download/
OpenSC OpenSC 0.11.4
- OpenSC opensc-0.11.5.tar.gz: http://www.opensc-project.org/files/opensc/opensc-0.11.5.tar.gz
MandrakeSoft Corporate Server 4.0 x86_64
- Mandriva lib64opensc2-0.10.1-2.1.20060mlcs4.x86_64.rpm: http://www.mandriva.com/en/download/
- Mandriva lib64opensc2-devel-0.10.1-2.1.20060mlcs4.x86_64.rpm: http://www.mandriva.com/en/download/
- Mandriva mozilla-plugin-opensc-0.10.1-2.1.20060mlcs4.x86_64.rpm: http://www.mandriva.com/en/download/
- Mandriva opensc-0.10.1-2.1.20060mlcs4.x86_64.rpm: http://www.mandriva.com/en/download/
References
References:
- opensc 0.11.6 with fixed security update (Andreas Jellinghaus)
- Vendor Homepage (OpenSC)
- OpenSC Security Vulnerability and new Versions of OpenSC, OpenCT, LibP11, Pam_P1 (OpenSC)