Back to search
CVE-2009-0368
Published: Mar 2, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
OpenSC before 0.11.7 allows physically proximate attackers to bypass intended PIN requirements and read private data objects via a (1) low level APDU command or (2) debugging tool, as demonstrated by reading the 4601 or 4701 file with the opensc-explorer or opensc-tool program.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
34120
third-party-advisory
x_refsource_SECUNIA
33922
vdb-entry
x_refsource_BID
opensc-pkcs-unauth-access(48958)
vdb-entry
x_refsource_XF
34362
third-party-advisory
x_refsource_SECUNIA
35065
third-party-advisory
x_refsource_SECUNIA
FEDORA-2009-2266
vendor-advisory
x_refsource_FEDORA
[oss-security] 20090226 OpenSC Security Advisory
mailing-list
x_refsource_MLIST
DSA-1734
vendor-advisory
x_refsource_DEBIAN
34377
third-party-advisory
x_refsource_SECUNIA
36074
third-party-advisory
x_refsource_SECUNIA
FEDORA-2009-2267
vendor-advisory
x_refsource_FEDORA
SUSE-SR:2009:010
vendor-advisory
x_refsource_SUSE
34052
third-party-advisory
x_refsource_SECUNIA
[opensc-announce] 20090226 OpenSC Security Advisory
mailing-list
x_refsource_MLIST
GLSA-200908-01
vendor-advisory
x_refsource_GENTOO
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now