Mandriva Linux Security Advisory 2010-189 - The MSGFunctionDemarshall function in winscard_svc.c in the PC/SC Smart Card daemon in MUSCLE PCSC-Lite before 1.5.4 might allow local users to cause a denial of service via crafted SCARD_SET_ATTRIB message data, which is improperly demarshalled and triggers a buffer over-read, a related issue to CVE-2010-0407. Buffer overflow in the MSGFunctionDemarshall function in winscard_svc.c in the PC/SC Smart Card daemon in MUSCLE PCSC-Lite 1.5.4 and earlier might allow local users to gain privileges via crafted this vulnerability exists because of an incorrect fix for CVE-2010-0407. Multiple buffer overflows in the MSGFunctionDemarshall function in winscard_svc.c in the PC/SC Smart Card daemon in MUSCLE PCSC-Lite before 1.5.4 allow local users to gain privileges via crafted message data, which is improperly demarshalled.
ca04b9d82ecaa1a57c63c9c0250bdc8f52c49227e19296782cb07fa29de4139f-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2010:189
http://www.mandriva.com/security/
_______________________________________________________________________
Package : pcsc-lite
Date : September 24, 2010
Affected: 2008.0, 2009.0, 2009.1, Enterprise Server 5.0
_______________________________________________________________________
Problem Description:
Multiple vulnerabilities has been found and corrected in pcsc-lite:
The MSGFunctionDemarshall function in winscard_svc.c in the PC/SC Smart
Card daemon (aka PCSCD) in MUSCLE PCSC-Lite before 1.5.4 might allow
local users to cause a denial of service (daemon crash) via crafted
SCARD_SET_ATTRIB message data, which is improperly demarshalled
and triggers a buffer over-read, a related issue to CVE-2010-0407
(CVE-2009-4901).
Buffer overflow in the MSGFunctionDemarshall function in winscard_svc.c
in the PC/SC Smart Card daemon (aka PCSCD) in MUSCLE PCSC-Lite 1.5.4
and earlier might allow local users to gain privileges via crafted
SCARD_CONTROL message data, which is improperly demarshalled. NOTE:
this vulnerability exists because of an incorrect fix for CVE-2010-0407
(CVE-2009-4902).
Multiple buffer overflows in the MSGFunctionDemarshall function in
winscard_svc.c in the PC/SC Smart Card daemon (aka PCSCD) in MUSCLE
PCSC-Lite before 1.5.4 allow local users to gain privileges via
crafted message data, which is improperly demarshalled (CVE-2010-0407).
Packages for 2008.0 and 2009.0 are provided as of the Extended
Maintenance Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490
The updated packages have been patched to correct these issues.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4901
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4902
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0407
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2008.0:
8542435bcf848ec4a758f08abb440de6 2008.0/i586/libpcsclite1-1.4.4-1.1mdv2008.0.i586.rpm
b2cba2d308ce62f0db856cbeb397e579 2008.0/i586/libpcsclite-devel-1.4.4-1.1mdv2008.0.i586.rpm
91aa91411c7755f9fef3bc9d2247ae8d 2008.0/i586/libpcsclite-static-devel-1.4.4-1.1mdv2008.0.i586.rpm
a9b3733633dea019f2604a3edaee1108 2008.0/i586/pcsc-lite-1.4.4-1.1mdv2008.0.i586.rpm
f08e053f4969deef763e11fd6d66b408 2008.0/SRPMS/pcsc-lite-1.4.4-1.1mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64:
6e0f7e5e8069e5aa694de0b51d51e7f7 2008.0/x86_64/lib64pcsclite1-1.4.4-1.1mdv2008.0.x86_64.rpm
ecb3d147a0989e9f11b6c21a99d78b00 2008.0/x86_64/lib64pcsclite-devel-1.4.4-1.1mdv2008.0.x86_64.rpm
217d8be73202d169f0749b586d2fc78d 2008.0/x86_64/lib64pcsclite-static-devel-1.4.4-1.1mdv2008.0.x86_64.rpm
5124ffac456d3ddcbe83c2cc20b3e65b 2008.0/x86_64/pcsc-lite-1.4.4-1.1mdv2008.0.x86_64.rpm
f08e053f4969deef763e11fd6d66b408 2008.0/SRPMS/pcsc-lite-1.4.4-1.1mdv2008.0.src.rpm
Mandriva Linux 2009.0:
9e6699c3b26d60127e0caaa1aa2289d2 2009.0/i586/libpcsclite1-1.4.102-1.1mdv2009.0.i586.rpm
72a1a3d5e01ed8345f265a77f4ea05dd 2009.0/i586/libpcsclite-devel-1.4.102-1.1mdv2009.0.i586.rpm
349726056604450832d18ebef0b719c0 2009.0/i586/libpcsclite-static-devel-1.4.102-1.1mdv2009.0.i586.rpm
e87e4987d3fbf641f645b2009471f387 2009.0/i586/pcsc-lite-1.4.102-1.1mdv2009.0.i586.rpm
76334baf4d0a4c7e7269be6855aee4c2 2009.0/SRPMS/pcsc-lite-1.4.102-1.1mdv2009.0.src.rpm
Mandriva Linux 2009.0/X86_64:
0ecec7927fddbf1791384667d4c2cb0f 2009.0/x86_64/lib64pcsclite1-1.4.102-1.1mdv2009.0.x86_64.rpm
628debd6fb07c332a72b836c165bcc8d 2009.0/x86_64/lib64pcsclite-devel-1.4.102-1.1mdv2009.0.x86_64.rpm
ae015f03362f7399c9aba451f2f7fecd 2009.0/x86_64/lib64pcsclite-static-devel-1.4.102-1.1mdv2009.0.x86_64.rpm
64fbc7257cbfc5a18c1d3f63ab8860e8 2009.0/x86_64/pcsc-lite-1.4.102-1.1mdv2009.0.x86_64.rpm
76334baf4d0a4c7e7269be6855aee4c2 2009.0/SRPMS/pcsc-lite-1.4.102-1.1mdv2009.0.src.rpm
Mandriva Linux 2009.1:
f6fbc67ddacadd6e421fd68d02e12633 2009.1/i586/libpcsclite1-1.5.2-1.1mdv2009.1.i586.rpm
a1ba1511fd5dd26573527ef50ce81b5e 2009.1/i586/libpcsclite-devel-1.5.2-1.1mdv2009.1.i586.rpm
4b9ba378d857ae48a846f00e286024e8 2009.1/i586/libpcsclite-static-devel-1.5.2-1.1mdv2009.1.i586.rpm
6a704dd4e7d8423d35db366dbf689cb7 2009.1/i586/pcsc-lite-1.5.2-1.1mdv2009.1.i586.rpm
01a7091c9fcf2337578c9caeebc87833 2009.1/SRPMS/pcsc-lite-1.5.2-1.1mdv2009.1.src.rpm
Mandriva Linux 2009.1/X86_64:
613b7a63921e05a482fb4aae6a36d5cf 2009.1/x86_64/lib64pcsclite1-1.5.2-1.1mdv2009.1.x86_64.rpm
9dd66b08eb34e7fa8d00c569f0face33 2009.1/x86_64/lib64pcsclite-devel-1.5.2-1.1mdv2009.1.x86_64.rpm
8b7f3042144456046ac6a550d49466f7 2009.1/x86_64/lib64pcsclite-static-devel-1.5.2-1.1mdv2009.1.x86_64.rpm
8f4c9901adccf658a5edd7b88e735568 2009.1/x86_64/pcsc-lite-1.5.2-1.1mdv2009.1.x86_64.rpm
01a7091c9fcf2337578c9caeebc87833 2009.1/SRPMS/pcsc-lite-1.5.2-1.1mdv2009.1.src.rpm
Mandriva Enterprise Server 5:
4194b2888cee96308009918fd78ec2e6 mes5/i586/libpcsclite1-1.4.102-1.1mdvmes5.1.i586.rpm
5fceb0986718f744abbd371129b38eba mes5/i586/libpcsclite-devel-1.4.102-1.1mdvmes5.1.i586.rpm
f856c267204173af9fad236eac81c28f mes5/i586/libpcsclite-static-devel-1.4.102-1.1mdvmes5.1.i586.rpm
6d601e4b1d1168ebec78c5d945378e02 mes5/i586/pcsc-lite-1.4.102-1.1mdvmes5.1.i586.rpm
0b52ec2a75a79cdef80d31b6b55323d1 mes5/SRPMS/pcsc-lite-1.4.102-1.1mdv2009.0.src.rpm
Mandriva Enterprise Server 5/X86_64:
245e8a6081254bacb173674d15594e98 mes5/x86_64/lib64pcsclite1-1.4.102-1.1mdvmes5.1.x86_64.rpm
315e276f89d1bd75105a2e40f2976b81 mes5/x86_64/lib64pcsclite-devel-1.4.102-1.1mdvmes5.1.x86_64.rpm
731b15c35ffe0872052578e9a25f3fa2 mes5/x86_64/lib64pcsclite-static-devel-1.4.102-1.1mdvmes5.1.x86_64.rpm
ca6aa016db366b69b83ca08814a9636c mes5/x86_64/pcsc-lite-1.4.102-1.1mdvmes5.1.x86_64.rpm
0b52ec2a75a79cdef80d31b6b55323d1 mes5/SRPMS/pcsc-lite-1.4.102-1.1mdv2009.0.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFMnGzomqjQ0CJFipgRAmXTAKDITs6XSqDRd8Bm+jEKeBBi8VCnmgCdG3k7
73gkpAFx7zZqY3bL0t73fqA=
=qjIw
-----END PGP SIGNATURE-----
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed