CVE-2009-0368 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2009-0368 Interim 1 21 2022-11-26T02:53:45Z current 2021-05-30T12:45:46Z 2022-11-26T02:53:45Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2009-0368 OpenSC before 0.11.7 allows physically proximate attackers to bypass intended PIN requirements and read private data objects via a (1) low level APDU command or (2) debugging tool, as demonstrated by reading the 4601 or 4701 file with the opensc-explorer or opensc-tool program. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html E-Mail link for SUSE-SR:2009:010 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise High Performance Computing 15-LTSS SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Server 15-ESPOS SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 11 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Server for SAP Applications 15 openSUSE Tumbleweed libopensc2-0.11.6-5.25.1 libopensc2-0.11.6-5.27.1 libopensc2-32bit-0.11.6-5.25.1 libopensc2-32bit-0.11.6-5.27.1 libopensc2-x86-0.11.6-5.25.1 libopensc2-x86-0.11.6-5.27.1 opensc opensc-0.11.6-5.25.1 opensc-0.11.6-5.27.1 opensc-0.13.0-1.107 opensc-0.13.0-1.122 opensc-0.13.0-3.3.2 opensc-0.16.0-2.1 opensc-0.17.0-1.30 opensc-32bit-0.11.6-5.25.1 opensc-32bit-0.11.6-5.27.1 opensc-32bit-0.16.0-2.1 opensc-devel-0.11.6-5.27.1 opensc-x86-0.11.6-5.25.1 opensc-x86-0.11.6-5.27.1 opensc-0.13.0-1.122 as a component of SUSE Linux Enterprise Desktop 12 opensc-0.13.0-1.122 as a component of SUSE Linux Enterprise Desktop 12 SP1 opensc-0.13.0-1.122 as a component of SUSE Linux Enterprise Desktop 12 SP2 opensc-0.13.0-1.122 as a component of SUSE Linux Enterprise Desktop 12 SP3 opensc-0.13.0-1.122 as a component of SUSE Linux Enterprise Desktop 12 SP4 opensc-0.13.0-3.3.2 as a component of SUSE Linux Enterprise High Performance Computing 12 SP5 opensc-0.17.0-1.30 as a component of SUSE Linux Enterprise Module for Basesystem 15 libopensc2-0.11.6-5.25.1 as a component of SUSE Linux Enterprise Server 11 libopensc2-32bit-0.11.6-5.25.1 as a component of SUSE Linux Enterprise Server 11 libopensc2-x86-0.11.6-5.25.1 as a component of SUSE Linux Enterprise Server 11 opensc-0.11.6-5.25.1 as a component of SUSE Linux Enterprise Server 11 opensc-32bit-0.11.6-5.25.1 as a component of SUSE Linux Enterprise Server 11 opensc-x86-0.11.6-5.25.1 as a component of SUSE Linux Enterprise Server 11 libopensc2-0.11.6-5.25.1 as a component of SUSE Linux Enterprise Server 11 SP1 libopensc2-32bit-0.11.6-5.25.1 as a component of SUSE Linux Enterprise Server 11 SP1 libopensc2-x86-0.11.6-5.25.1 as a component of SUSE Linux Enterprise Server 11 SP1 opensc-0.11.6-5.25.1 as a component of SUSE Linux Enterprise Server 11 SP1 opensc-32bit-0.11.6-5.25.1 as a component of SUSE Linux Enterprise Server 11 SP1 opensc-x86-0.11.6-5.25.1 as a component of SUSE Linux Enterprise Server 11 SP1 libopensc2-0.11.6-5.27.1 as a component of SUSE Linux Enterprise Server 11 SP2 libopensc2-32bit-0.11.6-5.27.1 as a component of SUSE Linux Enterprise Server 11 SP2 libopensc2-x86-0.11.6-5.27.1 as a component of SUSE Linux Enterprise Server 11 SP2 opensc-0.11.6-5.27.1 as a component of SUSE Linux Enterprise Server 11 SP2 opensc-32bit-0.11.6-5.27.1 as a component of SUSE Linux Enterprise Server 11 SP2 opensc-x86-0.11.6-5.27.1 as a component of SUSE Linux Enterprise Server 11 SP2 libopensc2-0.11.6-5.27.1 as a component of SUSE Linux Enterprise Server 11 SP3 libopensc2-32bit-0.11.6-5.27.1 as a component of SUSE Linux Enterprise Server 11 SP3 libopensc2-x86-0.11.6-5.27.1 as a component of SUSE Linux Enterprise Server 11 SP3 opensc-0.11.6-5.27.1 as a component of SUSE Linux Enterprise Server 11 SP3 opensc-32bit-0.11.6-5.27.1 as a component of SUSE Linux Enterprise Server 11 SP3 opensc-x86-0.11.6-5.27.1 as a component of SUSE Linux Enterprise Server 11 SP3 libopensc2-0.11.6-5.27.1 as a component of SUSE Linux Enterprise Server 11 SP4 libopensc2-32bit-0.11.6-5.27.1 as a component of SUSE Linux Enterprise Server 11 SP4 libopensc2-x86-0.11.6-5.27.1 as a component of SUSE Linux Enterprise Server 11 SP4 opensc-0.11.6-5.27.1 as a component of SUSE Linux Enterprise Server 11 SP4 opensc-32bit-0.11.6-5.27.1 as a component of SUSE Linux Enterprise Server 11 SP4 opensc-x86-0.11.6-5.27.1 as a component of SUSE Linux Enterprise Server 11 SP4 opensc-0.13.0-1.122 as a component of SUSE Linux Enterprise Server 12 opensc-0.13.0-1.122 as a component of SUSE Linux Enterprise Server 12 SP1 opensc-0.13.0-1.122 as a component of SUSE Linux Enterprise Server 12 SP2 opensc-0.13.0-1.122 as a component of SUSE Linux Enterprise Server 12 SP3 opensc-0.13.0-1.122 as a component of SUSE Linux Enterprise Server 12 SP4 opensc-0.13.0-3.3.2 as a component of SUSE Linux Enterprise Server 12 SP5 opensc-0.13.0-1.107 as a component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 libopensc2-0.11.6-5.25.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 libopensc2-32bit-0.11.6-5.25.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 libopensc2-x86-0.11.6-5.25.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 opensc-0.11.6-5.25.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 opensc-32bit-0.11.6-5.25.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 opensc-x86-0.11.6-5.25.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 opensc-devel-0.11.6-5.27.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 opensc-0.16.0-2.1 as a component of openSUSE Tumbleweed opensc-32bit-0.16.0-2.1 as a component of openSUSE Tumbleweed opensc as a component of SUSE Linux Enterprise High Performance Computing 15-LTSS opensc as a component of SUSE Linux Enterprise Server 15-ESPOS opensc as a component of SUSE Linux Enterprise Server 15-LTSS opensc as a component of SUSE Linux Enterprise Server for SAP Applications 15 OpenSC before 0.11.7 allows physically proximate attackers to bypass intended PIN requirements and read private data objects via a (1) low level APDU command or (2) debugging tool, as demonstrated by reading the 4601 or 4701 file with the opensc-explorer or opensc-tool program. CVE-2009-0368 SUSE Linux Enterprise Desktop 12:opensc-0.13.0-1.122 SUSE Linux Enterprise Desktop 12 SP1:opensc-0.13.0-1.122 SUSE Linux Enterprise Desktop 12 SP2:opensc-0.13.0-1.122 SUSE Linux Enterprise Desktop 12 SP3:opensc-0.13.0-1.122 SUSE Linux Enterprise Desktop 12 SP4:opensc-0.13.0-1.122 SUSE Linux Enterprise High Performance Computing 12 SP5:opensc-0.13.0-3.3.2 SUSE Linux Enterprise Module for Basesystem 15:opensc-0.17.0-1.30 SUSE Linux Enterprise Server 11:libopensc2-0.11.6-5.25.1 SUSE Linux Enterprise Server 11:libopensc2-32bit-0.11.6-5.25.1 SUSE Linux Enterprise Server 11:libopensc2-x86-0.11.6-5.25.1 SUSE Linux Enterprise Server 11:opensc-0.11.6-5.25.1 SUSE Linux Enterprise Server 11:opensc-32bit-0.11.6-5.25.1 SUSE Linux Enterprise Server 11:opensc-x86-0.11.6-5.25.1 SUSE Linux Enterprise Server 11 SP1:libopensc2-0.11.6-5.25.1 SUSE Linux Enterprise Server 11 SP1:libopensc2-32bit-0.11.6-5.25.1 SUSE Linux Enterprise Server 11 SP1:libopensc2-x86-0.11.6-5.25.1 SUSE Linux Enterprise Server 11 SP1:opensc-0.11.6-5.25.1 SUSE Linux Enterprise Server 11 SP1:opensc-32bit-0.11.6-5.25.1 SUSE Linux Enterprise Server 11 SP1:opensc-x86-0.11.6-5.25.1 SUSE Linux Enterprise Server 11 SP2:libopensc2-0.11.6-5.27.1 SUSE Linux Enterprise Server 11 SP2:libopensc2-32bit-0.11.6-5.27.1 SUSE Linux Enterprise Server 11 SP2:libopensc2-x86-0.11.6-5.27.1 SUSE Linux Enterprise Server 11 SP2:opensc-0.11.6-5.27.1 SUSE Linux Enterprise Server 11 SP2:opensc-32bit-0.11.6-5.27.1 SUSE Linux Enterprise Server 11 SP2:opensc-x86-0.11.6-5.27.1 SUSE Linux Enterprise Server 11 SP3:libopensc2-0.11.6-5.27.1 SUSE Linux Enterprise Server 11 SP3:libopensc2-32bit-0.11.6-5.27.1 SUSE Linux Enterprise Server 11 SP3:libopensc2-x86-0.11.6-5.27.1 SUSE Linux Enterprise Server 11 SP3:opensc-0.11.6-5.27.1 SUSE Linux Enterprise Server 11 SP3:opensc-32bit-0.11.6-5.27.1 SUSE Linux Enterprise Server 11 SP3:opensc-x86-0.11.6-5.27.1 SUSE Linux Enterprise Server 11 SP4:libopensc2-0.11.6-5.27.1 SUSE Linux Enterprise Server 11 SP4:libopensc2-32bit-0.11.6-5.27.1 SUSE Linux Enterprise Server 11 SP4:libopensc2-x86-0.11.6-5.27.1 SUSE Linux Enterprise Server 11 SP4:opensc-0.11.6-5.27.1 SUSE Linux Enterprise Server 11 SP4:opensc-32bit-0.11.6-5.27.1 SUSE Linux Enterprise Server 11 SP4:opensc-x86-0.11.6-5.27.1 SUSE Linux Enterprise Server 12:opensc-0.13.0-1.122 SUSE Linux Enterprise Server 12 SP1:opensc-0.13.0-1.122 SUSE Linux Enterprise Server 12 SP2:opensc-0.13.0-1.122 SUSE Linux Enterprise Server 12 SP3:opensc-0.13.0-1.122 SUSE Linux Enterprise Server 12 SP4:opensc-0.13.0-1.122 SUSE Linux Enterprise Server 12 SP5:opensc-0.13.0-3.3.2 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:opensc-0.13.0-1.107 SUSE Linux Enterprise Server for SAP Applications 11:libopensc2-0.11.6-5.25.1 SUSE Linux Enterprise Server for SAP Applications 11:libopensc2-32bit-0.11.6-5.25.1 SUSE Linux Enterprise Server for SAP Applications 11:libopensc2-x86-0.11.6-5.25.1 SUSE Linux Enterprise Server for SAP Applications 11:opensc-0.11.6-5.25.1 SUSE Linux Enterprise Server for SAP Applications 11:opensc-32bit-0.11.6-5.25.1 SUSE Linux Enterprise Server for SAP Applications 11:opensc-x86-0.11.6-5.25.1 SUSE Linux Enterprise Software Development Kit 11 SP4:opensc-devel-0.11.6-5.27.1 openSUSE Tumbleweed:opensc-0.16.0-2.1 openSUSE Tumbleweed:opensc-32bit-0.16.0-2.1 SUSE Linux Enterprise High Performance Computing 15-LTSS:opensc SUSE Linux Enterprise Server 15-ESPOS:opensc SUSE Linux Enterprise Server 15-LTSS:opensc SUSE Linux Enterprise Server for SAP Applications 15:opensc moderate 2.1 AV:L/AC:L/Au:N/C:P/I:N/A:N