VAR-200809-0570
Vulnerability from variot - Updated: 2023-12-18 11:10pkcs15-tool in OpenSC before 0.11.6 does not apply security updates to a smart card unless the card's label matches the "OpenSC" string, which might allow physically proximate attackers to exploit vulnerabilities that the card owner expected were patched, as demonstrated by exploitation of CVE-2008-2235. Opensc is prone to a local security vulnerability. OpenSC is a smart card program and application library. ----------------------------------------------------------------------
Do you need accurate and reliable IDS / IPS / AV detection rules?
Get in-depth vulnerability details: http://secunia.com/binary_analysis/sample_analysis/
TITLE: SUSE Update for Multiple Packages
SECUNIA ADVISORY ID: SA32099
VERIFY ADVISORY: http://secunia.com/advisories/32099/
CRITICAL: Highly critical
IMPACT: Security Bypass, Exposure of sensitive information, Privilege escalation, DoS, System access
WHERE:
From remote
OPERATING SYSTEM: SUSE Linux Enterprise Server 9 http://secunia.com/advisories/product/4118/ SUSE Linux Enterprise Server 10 http://secunia.com/advisories/product/12192/ openSUSE 11.0 http://secunia.com/advisories/product/19180/ openSUSE 10.3 http://secunia.com/advisories/product/16124/ openSUSE 10.2 http://secunia.com/advisories/product/13375/
SOFTWARE: Novell Open Enterprise Server 1.x http://secunia.com/advisories/product/4664/
DESCRIPTION: SUSE has issued an update for multiple packages. ----------------------------------------------------------------------
Secunia is pleased to announce the release of the annual Secunia report for 2008.
Highlights from the 2008 report: * Vulnerability Research * Software Inspection Results * Secunia Research Highlights * Secunia Advisory Statistics
Request the full 2008 Report here: http://secunia.com/advisories/try_vi/request_2008_report/
Stay Secure,
Secunia
TITLE: Fedora update for opensc
SECUNIA ADVISORY ID: SA34362
VERIFY ADVISORY: http://secunia.com/advisories/34362/
DESCRIPTION: Fedora has issued an update for opensc. This fixes some security issues, which can be exploited by malicious people to bypass certain security restrictions.
For more information: SA31330 SA34052
SOLUTION: Apply updated packages using the yum utility ("yum update opensc").
ORIGINAL ADVISORY: FEDORA-2009-2267: https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00686.html
OTHER REFERENCES: SA31330: http://secunia.com/advisories/31330/
SA34052: http://secunia.com/advisories/34052/
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200809-0570",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "opensc",
"scope": "eq",
"trust": 1.9,
"vendor": "opensc",
"version": "0.9.4"
},
{
"model": "opensc",
"scope": "eq",
"trust": 1.9,
"vendor": "opensc",
"version": "0.9.3"
},
{
"model": "opensc",
"scope": "eq",
"trust": 1.9,
"vendor": "opensc",
"version": "0.9.2"
},
{
"model": "opensc",
"scope": "eq",
"trust": 1.9,
"vendor": "opensc",
"version": "0.8.1"
},
{
"model": "opensc",
"scope": "eq",
"trust": 1.9,
"vendor": "opensc",
"version": "0.6.1"
},
{
"model": "opensc",
"scope": "eq",
"trust": 1.9,
"vendor": "opensc",
"version": "0.8.0"
},
{
"model": "opensc",
"scope": "eq",
"trust": 1.6,
"vendor": "opensc",
"version": "0.7.0"
},
{
"model": "opensc",
"scope": "eq",
"trust": 1.6,
"vendor": "opensc",
"version": "0.6.0"
},
{
"model": "opensc",
"scope": "eq",
"trust": 1.6,
"vendor": "opensc",
"version": "0.5.0"
},
{
"model": "opensc",
"scope": "eq",
"trust": 1.6,
"vendor": "opensc",
"version": "0.4.0"
},
{
"model": "opensc",
"scope": "eq",
"trust": 1.3,
"vendor": "opensc",
"version": "0.11.4"
},
{
"model": "opensc",
"scope": "eq",
"trust": 1.3,
"vendor": "opensc",
"version": "0.11.3"
},
{
"model": "opensc",
"scope": "eq",
"trust": 1.3,
"vendor": "opensc",
"version": "0.11.2"
},
{
"model": "opensc",
"scope": "eq",
"trust": 1.3,
"vendor": "opensc",
"version": "0.11.1"
},
{
"model": "opensc",
"scope": "eq",
"trust": 1.3,
"vendor": "opensc",
"version": "0.10.1"
},
{
"model": "opensc",
"scope": "eq",
"trust": 1.3,
"vendor": "opensc",
"version": "0.9.6"
},
{
"model": "opensc",
"scope": "eq",
"trust": 1.3,
"vendor": "opensc",
"version": "0.9.5"
},
{
"model": "opensc",
"scope": "eq",
"trust": 1.3,
"vendor": "opensc",
"version": "0.10.0"
},
{
"model": "opensc",
"scope": "eq",
"trust": 1.0,
"vendor": "opensc",
"version": "0.11.0"
},
{
"model": "opensc",
"scope": "lte",
"trust": 1.0,
"vendor": "opensc",
"version": "0.11.5"
},
{
"model": "opensc",
"scope": "lt",
"trust": 0.8,
"vendor": "opensc team",
"version": "0.11.6"
},
{
"model": "opensc",
"scope": "eq",
"trust": 0.3,
"vendor": "opensc",
"version": "0.11.5"
},
{
"model": "opensc",
"scope": "eq",
"trust": 0.3,
"vendor": "opensc",
"version": "0.11"
},
{
"model": "opensc",
"scope": "eq",
"trust": 0.3,
"vendor": "opensc",
"version": "0.7"
},
{
"model": "opensc",
"scope": "eq",
"trust": 0.3,
"vendor": "opensc",
"version": "0.6"
},
{
"model": "opensc",
"scope": "eq",
"trust": 0.3,
"vendor": "opensc",
"version": "0.5"
},
{
"model": "opensc",
"scope": "eq",
"trust": 0.3,
"vendor": "opensc",
"version": "0.4"
},
{
"model": "pre3",
"scope": "eq",
"trust": 0.3,
"vendor": "opensc",
"version": "0.11.3"
}
],
"sources": [
{
"db": "BID",
"id": "84842"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-004842"
},
{
"db": "NVD",
"id": "CVE-2008-3972"
},
{
"db": "CNNVD",
"id": "CNNVD-200809-155"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:opensc-project:opensc:0.11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:opensc-project:opensc:0.10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:opensc-project:opensc:0.8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:opensc-project:opensc:0.8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:opensc-project:opensc:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "0.11.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:opensc-project:opensc:0.11.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:opensc-project:opensc:0.10.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:opensc-project:opensc:0.9.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:opensc-project:opensc:0.7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:opensc-project:opensc:0.6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:opensc-project:opensc:0.11.3:pre3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:opensc-project:opensc:0.11.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:opensc-project:opensc:0.9.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:opensc-project:opensc:0.9.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:opensc-project:opensc:0.6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:opensc-project:opensc:0.5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:opensc-project:opensc:0.11.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:opensc-project:opensc:0.11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:opensc-project:opensc:0.9.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:opensc-project:opensc:0.9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:opensc-project:opensc:0.4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:cardos:m4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2008-3972"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "84842"
}
],
"trust": 0.3
},
"cve": "CVE-2008-3972",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": true,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.6,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 9.2,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 6.6,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2008-3972",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 6.6,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "VHN-34097",
"impactScore": 9.2,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:N/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2008-3972",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200809-155",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-34097",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-34097"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-004842"
},
{
"db": "NVD",
"id": "CVE-2008-3972"
},
{
"db": "CNNVD",
"id": "CNNVD-200809-155"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "pkcs15-tool in OpenSC before 0.11.6 does not apply security updates to a smart card unless the card\u0027s label matches the \"OpenSC\" string, which might allow physically proximate attackers to exploit vulnerabilities that the card owner expected were patched, as demonstrated by exploitation of CVE-2008-2235. Opensc is prone to a local security vulnerability. OpenSC is a smart card program and application library. ----------------------------------------------------------------------\n\nDo you need accurate and reliable IDS / IPS / AV detection rules?\n\nGet in-depth vulnerability details:\nhttp://secunia.com/binary_analysis/sample_analysis/\n\n----------------------------------------------------------------------\n\nTITLE:\nSUSE Update for Multiple Packages\n\nSECUNIA ADVISORY ID:\nSA32099\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/32099/\n\nCRITICAL:\nHighly critical\n\nIMPACT:\nSecurity Bypass, Exposure of sensitive information, Privilege\nescalation, DoS, System access\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nSUSE Linux Enterprise Server 9\nhttp://secunia.com/advisories/product/4118/\nSUSE Linux Enterprise Server 10\nhttp://secunia.com/advisories/product/12192/\nopenSUSE 11.0\nhttp://secunia.com/advisories/product/19180/\nopenSUSE 10.3\nhttp://secunia.com/advisories/product/16124/\nopenSUSE 10.2\nhttp://secunia.com/advisories/product/13375/\n\nSOFTWARE:\nNovell Open Enterprise Server 1.x\nhttp://secunia.com/advisories/product/4664/\n\nDESCRIPTION:\nSUSE has issued an update for multiple packages. ----------------------------------------------------------------------\n\nSecunia is pleased to announce the release of the annual Secunia\nreport for 2008. \n\nHighlights from the 2008 report:\n * Vulnerability Research\n * Software Inspection Results\n * Secunia Research Highlights\n * Secunia Advisory Statistics\n\nRequest the full 2008 Report here:\nhttp://secunia.com/advisories/try_vi/request_2008_report/\n\nStay Secure,\n\nSecunia\n\n\n----------------------------------------------------------------------\n\nTITLE:\nFedora update for opensc\n\nSECUNIA ADVISORY ID:\nSA34362\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/34362/\n\nDESCRIPTION:\nFedora has issued an update for opensc. This fixes some security\nissues, which can be exploited by malicious people to bypass certain\nsecurity restrictions. \n\nFor more information:\nSA31330\nSA34052\n\nSOLUTION:\nApply updated packages using the yum utility (\"yum update opensc\"). \n\nORIGINAL ADVISORY:\nFEDORA-2009-2267:\nhttps://www.redhat.com/archives/fedora-package-announce/2009-March/msg00686.html\n\nOTHER REFERENCES:\nSA31330:\nhttp://secunia.com/advisories/31330/\n\nSA34052:\nhttp://secunia.com/advisories/34052/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2008-3972"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-004842"
},
{
"db": "BID",
"id": "84842"
},
{
"db": "VULHUB",
"id": "VHN-34097"
},
{
"db": "PACKETSTORM",
"id": "70466"
},
{
"db": "PACKETSTORM",
"id": "75887"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2008-3972",
"trust": 2.8
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2008/09/09/14",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "32099",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "34362",
"trust": 1.8
},
{
"db": "XF",
"id": "45045",
"trust": 0.9
},
{
"db": "JVNDB",
"id": "JVNDB-2008-004842",
"trust": 0.8
},
{
"db": "MLIST",
"id": "[OSS-SECURITY] 20080909 RE: OPENSC 0.11.6 WITH FIXED SECURITY UPDATE",
"trust": 0.6
},
{
"db": "MLIST",
"id": "[OPENSC-ANNOUNCE] 20080827 OPENSC 0.11.6 WITH FIXED SECURITY UPDATE",
"trust": 0.6
},
{
"db": "XF",
"id": "15",
"trust": 0.6
},
{
"db": "SUSE",
"id": "SUSE-SR:2008:019",
"trust": 0.6
},
{
"db": "FEDORA",
"id": "FEDORA-2009-2267",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200809-155",
"trust": 0.6
},
{
"db": "BID",
"id": "84842",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-34097",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "70466",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "75887",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-34097"
},
{
"db": "BID",
"id": "84842"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-004842"
},
{
"db": "PACKETSTORM",
"id": "70466"
},
{
"db": "PACKETSTORM",
"id": "75887"
},
{
"db": "NVD",
"id": "CVE-2008-3972"
},
{
"db": "CNNVD",
"id": "CNNVD-200809-155"
}
]
},
"id": "VAR-200809-0570",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-34097"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:10:11.353000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "opensc 0.11.6 with fixed security update",
"trust": 0.8,
"url": "http://www.opensc-project.org/pipermail/opensc-announce/2008-august/000021.html"
},
{
"title": "OpenSC Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=156701"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-004842"
},
{
"db": "CNNVD",
"id": "CNNVD-200809-155"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-34097"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-004842"
},
{
"db": "NVD",
"id": "CVE-2008-3972"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-march/msg00686.html"
},
{
"trust": 2.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00005.html"
},
{
"trust": 2.0,
"url": "http://www.opensc-project.org/pipermail/opensc-announce/2008-august/000021.html"
},
{
"trust": 2.0,
"url": "http://www.openwall.com/lists/oss-security/2008/09/09/14"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/32099"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/34362"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45045"
},
{
"trust": 0.9,
"url": "http://xforce.iss.net/xforce/xfdb/45045"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3972"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-3972"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/31330/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/binary_analysis/sample_analysis/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/product/4664/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/product/13375/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/30957/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/31823/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/product/4118/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/32099/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/30627/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/product/19180/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/product/12192/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/product/16124/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/34362/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/34052/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/try_vi/request_2008_report/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-34097"
},
{
"db": "BID",
"id": "84842"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-004842"
},
{
"db": "PACKETSTORM",
"id": "70466"
},
{
"db": "PACKETSTORM",
"id": "75887"
},
{
"db": "NVD",
"id": "CVE-2008-3972"
},
{
"db": "CNNVD",
"id": "CNNVD-200809-155"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-34097"
},
{
"db": "BID",
"id": "84842"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-004842"
},
{
"db": "PACKETSTORM",
"id": "70466"
},
{
"db": "PACKETSTORM",
"id": "75887"
},
{
"db": "NVD",
"id": "CVE-2008-3972"
},
{
"db": "CNNVD",
"id": "CNNVD-200809-155"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-11T00:00:00",
"db": "VULHUB",
"id": "VHN-34097"
},
{
"date": "2008-09-10T00:00:00",
"db": "BID",
"id": "84842"
},
{
"date": "2012-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-004842"
},
{
"date": "2008-09-30T23:23:28",
"db": "PACKETSTORM",
"id": "70466"
},
{
"date": "2009-03-19T07:12:32",
"db": "PACKETSTORM",
"id": "75887"
},
{
"date": "2008-09-11T01:13:47.807000",
"db": "NVD",
"id": "CVE-2008-3972"
},
{
"date": "2008-09-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200809-155"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-08T00:00:00",
"db": "VULHUB",
"id": "VHN-34097"
},
{
"date": "2008-09-10T00:00:00",
"db": "BID",
"id": "84842"
},
{
"date": "2012-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-004842"
},
{
"date": "2017-08-08T01:32:18.653000",
"db": "NVD",
"id": "CVE-2008-3972"
},
{
"date": "2021-07-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200809-155"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "84842"
},
{
"db": "PACKETSTORM",
"id": "70466"
},
{
"db": "CNNVD",
"id": "CNNVD-200809-155"
}
],
"trust": 1.0
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSC of pkcs15-tool Vulnerabilities exploiting vulnerabilities in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-004842"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200809-155"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…