Oval Definition:oval:org.opensuse.security:def:20082235
Revision Date:2022-06-30Version:1
Title:CVE-2008-2235
Description:

OpenSC before 0.11.5 uses weak permissions (ADMIN file control information of 00) for the 5015 directory on smart cards and USB crypto tokens running Siemens CardOS M4, which allows physically proximate attackers to change the PIN.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2008-2235
Mitre CVE-2008-2235
SUSE CVE-2008-2235
SUSE-SR:2008:019
SUSE-SR:2008:019
SUSE-SR:2009:004
SUSE-SR:2009:004
Platform(s):Novell Linux Desktop 9 for x86
Novell Linux Desktop 9 for x86_64
openSUSE 10.3
openSUSE Tumbleweed
SUSE Linux Enterprise SDK 10 SP2
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Software Development Kit 11 SP4
Product(s):
Definition Synopsis
  • Release Information
  • sles9-nld is installed
  • AND
  • opensc-devel less than 0.8.0-194.4
  • OR opensc less than 0.8.0-194.4
  • OR Package Information
  • sles9-nld is installed
  • AND
  • opensc-devel less than 0.8.0-194.6
  • OR opensc less than 0.8.0-194.6
    • Definition Synopsis
  • Release Information
  • suse103 is installed
  • AND
  • libopensc2-32bit less than 0.11.3-21.2
  • OR libopensc2-64bit less than 0.11.3-21.2
  • OR libopensc2 less than 0.11.3-21.2
  • OR opensc-32bit less than 0.11.3-21.2
  • OR opensc-64bit less than 0.11.3-21.2
  • OR opensc-devel less than 0.11.3-21.2
  • OR opensc less than 0.11.3-21.2
  • OR Package Information
  • suse103 is installed
  • AND
  • libopensc2-32bit less than 0.11.3-21.4
  • OR libopensc2-64bit less than 0.11.3-21.4
  • OR libopensc2 less than 0.11.3-21.4
  • OR opensc-32bit less than 0.11.3-21.4
  • OR opensc-64bit less than 0.11.3-21.4
  • OR opensc-devel less than 0.11.3-21.4
  • OR opensc less than 0.11.3-21.4
    • Definition Synopsis
  • Release Information
  • sles10-sp2-sdk is installed
  • AND
  • opensc-32bit less than 0.9.6-17.7
  • OR opensc-devel less than 0.9.6-17.7
  • OR Package Information
  • sles10-sp2-sdk is installed
  • AND
  • opensc-32bit less than 0.9.6-17.9
  • OR opensc-devel less than 0.9.6-17.9
  • OR Package Information
  • sles10-sp2-sdk is installed
  • AND
  • opensc-32bit less than 0.9.6-17.9
  • OR opensc-devel less than 0.9.6-17.9
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP2 is installed
  • AND
  • libopensc2-0.11.6-5.27.1 is installed
  • OR libopensc2-32bit-0.11.6-5.27.1 is installed
  • OR libopensc2-x86-0.11.6-5.27.1 is installed
  • OR opensc-0.11.6-5.27.1 is installed
  • OR opensc-32bit-0.11.6-5.27.1 is installed
  • OR opensc-x86-0.11.6-5.27.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP3 is installed
  • AND
  • libopensc2-0.11.6-5.27.1 is installed
  • OR libopensc2-32bit-0.11.6-5.27.1 is installed
  • OR libopensc2-x86-0.11.6-5.27.1 is installed
  • OR opensc-0.11.6-5.27.1 is installed
  • OR opensc-32bit-0.11.6-5.27.1 is installed
  • OR opensc-x86-0.11.6-5.27.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP4 is installed
  • AND
  • libopensc2-0.11.6-5.27.1 is installed
  • OR libopensc2-32bit-0.11.6-5.27.1 is installed
  • OR libopensc2-x86-0.11.6-5.27.1 is installed
  • OR opensc-0.11.6-5.27.1 is installed
  • OR opensc-32bit-0.11.6-5.27.1 is installed
  • OR opensc-x86-0.11.6-5.27.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Software Development Kit 11 SP4 is installed
  • AND opensc-devel-0.11.6-5.27.1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP3 is installed
  • AND
  • libopensc2-0.11.6-5.27.1 is installed
  • OR libopensc2-32bit-0.11.6-5.27.1 is installed
  • OR libopensc2-x86-0.11.6-5.27.1 is installed
  • OR opensc-0.11.6-5.27.1 is installed
  • OR opensc-32bit-0.11.6-5.27.1 is installed
  • OR opensc-x86-0.11.6-5.27.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP4 is installed
  • AND
  • libopensc2-0.11.6-5.27.1 is installed
  • OR libopensc2-32bit-0.11.6-5.27.1 is installed
  • OR libopensc2-x86-0.11.6-5.27.1 is installed
  • OR opensc-0.11.6-5.27.1 is installed
  • OR opensc-32bit-0.11.6-5.27.1 is installed
  • OR opensc-x86-0.11.6-5.27.1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP2 is installed
  • AND
  • libopensc2-0.11.6-5.27.1 is installed
  • OR libopensc2-32bit-0.11.6-5.27.1 is installed
  • OR libopensc2-x86-0.11.6-5.27.1 is installed
  • OR opensc-0.11.6-5.27.1 is installed
  • OR opensc-32bit-0.11.6-5.27.1 is installed
  • OR opensc-x86-0.11.6-5.27.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP3 is installed
  • AND
  • libopensc2-0.11.6-5.27.1 is installed
  • OR libopensc2-32bit-0.11.6-5.27.1 is installed
  • OR libopensc2-x86-0.11.6-5.27.1 is installed
  • OR opensc-0.11.6-5.27.1 is installed
  • OR opensc-32bit-0.11.6-5.27.1 is installed
  • OR opensc-x86-0.11.6-5.27.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP4 is installed
  • AND
  • libopensc2-0.11.6-5.27.1 is installed
  • OR libopensc2-32bit-0.11.6-5.27.1 is installed
  • OR libopensc2-x86-0.11.6-5.27.1 is installed
  • OR opensc-0.11.6-5.27.1 is installed
  • OR opensc-32bit-0.11.6-5.27.1 is installed
  • OR opensc-x86-0.11.6-5.27.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP3 is installed
  • AND Package Information
  • libopensc2-0.11.6-5.27 is installed
  • OR libopensc2-32bit-0.11.6-5.27 is installed
  • OR libopensc2-x86-0.11.6-5.27 is installed
  • OR opensc-0.11.6-5.27 is installed
  • OR opensc-32bit-0.11.6-5.27 is installed
  • OR opensc-x86-0.11.6-5.27 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Software Development Kit 11 SP4 is installed
  • AND opensc-devel-0.11.6-5.27 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP1 is installed
  • AND
  • libopensc2-0.11.6-5.25 is installed
  • OR libopensc2-32bit-0.11.6-5.25 is installed
  • OR libopensc2-x86-0.11.6-5.25 is installed
  • OR opensc-0.11.6-5.25 is installed
  • OR opensc-32bit-0.11.6-5.25 is installed
  • OR opensc-x86-0.11.6-5.25 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP2 is installed
  • OR SUSE Linux Enterprise Server 11 SP3 is installed
  • OR SUSE Linux Enterprise Server 11 SP4 is installed
  • AND
  • libopensc2-0.11.6-5.27 is installed
  • OR libopensc2-32bit-0.11.6-5.27 is installed
  • OR libopensc2-x86-0.11.6-5.27 is installed
  • OR opensc-0.11.6-5.27 is installed
  • OR opensc-32bit-0.11.6-5.27 is installed
  • OR opensc-x86-0.11.6-5.27 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP1 is installed
  • AND
  • libopensc2-0.11.6-5.25.1 is installed
  • OR libopensc2-32bit-0.11.6-5.25.1 is installed
  • OR libopensc2-x86-0.11.6-5.25.1 is installed
  • OR opensc-0.11.6-5.25.1 is installed
  • OR opensc-32bit-0.11.6-5.25.1 is installed
  • OR opensc-x86-0.11.6-5.25.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP2 is installed
  • OR SUSE Linux Enterprise Server 11 SP3 is installed
  • OR SUSE Linux Enterprise Server 11 SP4 is installed
  • AND
  • libopensc2-0.11.6-5.27.1 is installed
  • OR libopensc2-32bit-0.11.6-5.27.1 is installed
  • OR libopensc2-x86-0.11.6-5.27.1 is installed
  • OR opensc-0.11.6-5.27.1 is installed
  • OR opensc-32bit-0.11.6-5.27.1 is installed
  • OR opensc-x86-0.11.6-5.27.1 is installed
    • Definition Synopsis
  • openSUSE Tumbleweed is installed
  • AND Package Information
  • opensc-0.21.0-2.2 is installed
  • OR opensc-32bit-0.21.0-2.2 is installed
    • BACK