← volver
CVE-2009-0368

CVE-2009-0368

EPSS 1.2%
OpenSC before 0.11.7 allows physically proximate attackers to bypass intended PIN requirements and read private data objects via a (1) low level APDU command or (2) debugging tool, as demonstrated by reading the 4601 or 4701 file with the opensc-explorer or opensc-tool program.
Productos afectados
n/a · n/a
PoCs públicas encontradas1
exploitdbwww.exploit-db.com/exploits/32820no verificado
⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.htmlhttp://openwall.com/lists/oss-security/2009/02/26/1http://secunia.com/advisories/34052http://secunia.com/advisories/34120http://secunia.com/advisories/34362http://secunia.com/advisories/34377http://secunia.com/advisories/35065http://secunia.com/advisories/36074http://security.gentoo.org/glsa/glsa-200908-01.xmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/48958https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00673.htmlhttps://www.redhat.com/archives/fedora-package-announce/2009-March/msg00686.html