-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2010:189-1 http://www.mandriva.com/security/ _______________________________________________________________________ Package : pcsc-lite Date : September 24, 2010 Affected: Corporate 4.0 _______________________________________________________________________ Problem Description: Multiple vulnerabilities has been found and corrected in pcsc-lite: The MSGFunctionDemarshall function in winscard_svc.c in the PC/SC Smart Card daemon (aka PCSCD) in MUSCLE PCSC-Lite before 1.5.4 might allow local users to cause a denial of service (daemon crash) via crafted SCARD_SET_ATTRIB message data, which is improperly demarshalled and triggers a buffer over-read, a related issue to CVE-2010-0407 (CVE-2009-4901). Buffer overflow in the MSGFunctionDemarshall function in winscard_svc.c in the PC/SC Smart Card daemon (aka PCSCD) in MUSCLE PCSC-Lite 1.5.4 and earlier might allow local users to gain privileges via crafted SCARD_CONTROL message data, which is improperly demarshalled. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-0407 (CVE-2009-4902). Multiple buffer overflows in the MSGFunctionDemarshall function in winscard_svc.c in the PC/SC Smart Card daemon (aka PCSCD) in MUSCLE PCSC-Lite before 1.5.4 allow local users to gain privileges via crafted message data, which is improperly demarshalled (CVE-2010-0407). Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct these issues. Update: The previous MDVSA-2010:189 advisory was missing the packages for CS4, this advisory corrects the problem. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4901 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4902 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0407 _______________________________________________________________________ Updated Packages: Corporate 4.0: 0c66f40efecdc0c3ae8f27dbe1abc4c5 corporate/4.0/i586/libpcsclite1-1.3.0-2.1.20060mlcs4.i586.rpm 5623a50de3f9505c5a8b503a844d9ac5 corporate/4.0/i586/libpcsclite1-devel-1.3.0-2.1.20060mlcs4.i586.rpm ab1f8bec0cee4bd2e88e40b6c34d9160 corporate/4.0/i586/libpcsclite1-static-devel-1.3.0-2.1.20060mlcs4.i586.rpm 27431d0962492720c5b7cca1491ebade corporate/4.0/i586/pcsc-lite-1.3.0-2.1.20060mlcs4.i586.rpm 524c61d97f58343dee043627407f37ee corporate/4.0/SRPMS/pcsc-lite-1.3.0-2.1.20060mlcs4.src.rpm Corporate 4.0/X86_64: 679754ead473749cc755350951df0478 corporate/4.0/x86_64/lib64pcsclite1-1.3.0-2.1.20060mlcs4.x86_64.rpm 974188458cb887457a22cb4be169ba24 corporate/4.0/x86_64/lib64pcsclite1-devel-1.3.0-2.1.20060mlcs4.x86_64.rpm 300a3a9416d02cfd092bb5e3bc81302d corporate/4.0/x86_64/lib64pcsclite1-static-devel-1.3.0-2.1.20060mlcs4.x86_64.rpm 7e491ebb83c94c00b249db757c0e052b corporate/4.0/x86_64/pcsc-lite-1.3.0-2.1.20060mlcs4.x86_64.rpm 524c61d97f58343dee043627407f37ee corporate/4.0/SRPMS/pcsc-lite-1.3.0-2.1.20060mlcs4.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFMnI0kmqjQ0CJFipgRAkbCAJ9WgEQY8sy1UUqXjCgQFMy9SfTa4QCgqgbV daNX/N1UA/Xi7dcWucABNSU= =Z3Xz -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/