OpenSC PKCS#11 Implementation Unauthorized Access Vulnerability

Bugtraq ID:	33922
Class:	Design Error
CVE:	CVE-2009-0368
Remote:	No
Local:	Yes
Published:	Feb 26 2009 12:00AM
Updated:	Aug 26 2009 11:02PM
Credit:	Andreas Jellinghaus
Vulnerable:	S.u.S.E. SLE 11 S.u.S.E. SLE 10 S.u.S.E. openSUSE 11.1 S.u.S.E. openSUSE 11.0 S.u.S.E. openSUSE 10.3 RedHat Fedora 9 0 RedHat Fedora 10 Pardus Linux 2008 0 OpenSC OpenSC 0.11.6 OpenSC OpenSC 0.11.5 OpenSC OpenSC 0.11.4 MandrakeSoft Linux Mandrake 2009.0 x86_64 MandrakeSoft Linux Mandrake 2009.0 MandrakeSoft Linux Mandrake 2008.1 x86_64 MandrakeSoft Linux Mandrake 2008.1 MandrakeSoft Linux Mandrake 2008.0 x86_64 MandrakeSoft Linux Mandrake 2008.0 MandrakeSoft Corporate Server 4.0 x86_64 MandrakeSoft Corporate Server 4.0 Gentoo Linux Debian Linux 5.0 sparc Debian Linux 5.0 s/390 Debian Linux 5.0 powerpc Debian Linux 5.0 mipsel Debian Linux 5.0 mips Debian Linux 5.0 m68k Debian Linux 5.0 ia-64 Debian Linux 5.0 ia-32 Debian Linux 5.0 hppa Debian Linux 5.0 armel Debian Linux 5.0 arm Debian Linux 5.0 amd64 Debian Linux 5.0 alpha Debian Linux 5.0

Not Vulnerable:	OpenSC OpenSC 0.11.7