Vulnerabilities > CVE-2009-1603 - Cleartext Storage of Sensitive Information vulnerability in multiple products

047910
CVSS 7.5 - HIGH
Attack vector: NETWORK
Attack complexity: LOW
Privileges required: NONE
Confidentiality impact: HIGH
Integrity impact: NONE
Availability impact: NONE
network
low complexity
opensc-project
fedoraproject
CWE-312
nessus

Summary

src/tools/pkcs11-tool.c in pkcs11-tool in OpenSC 0.11.7, when used with unspecified third-party PKCS#11 modules, generates RSA keys with incorrect public exponents, which allows attackers to read the cleartext form of messages that were intended to be encrypted.
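As an added defender's check that is not part of this record or of OpenSC: the script below parses a PKCS#1 RSAPublicKey (the DER form a token or key export tool hands back) and flags a public exponent that would make the key unusable or leak plaintext, the case e = 1 being the one where m^e mod n is simply m. The DER samples are constructed here; the 1024-bit modulus is a placeholder, not a real key.

```python
def _der_len(n):
    """Encode a DER length in short or long form."""
    if n < 0x80:
        return bytes([n])
    b = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(b)]) + b

def _der_int(v):
    """Encode a non-negative int as DER INTEGER (leading 0x00 keeps it positive)."""
    b = v.to_bytes((v.bit_length() + 8) // 8, "big")
    return b"\x02" + _der_len(len(b)) + b

def _der_seq(body):
    return b"\x30" + _der_len(len(body)) + body

def _der_read(buf, pos):
    """Read one DER TLV at pos; return (tag, value, next_pos)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: next k bytes carry the length
        k = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + k], "big"), pos + k
    return tag, buf[pos:pos + length], pos + length

def parse_rsa_public_key(der):
    """Return (n, e) from PKCS#1 RSAPublicKey: SEQUENCE { INTEGER n, INTEGER e }."""
    tag, seq, _ = _der_read(der, 0)
    tag_n, n_bytes, pos = _der_read(seq, 0)
    tag_e, e_bytes, _ = _der_read(seq, pos)
    if (tag, tag_n, tag_e) != (0x30, 0x02, 0x02):
        raise ValueError("not a PKCS#1 RSAPublicKey")
    return int.from_bytes(n_bytes, "big"), int.from_bytes(e_bytes, "big")

def audit_exponent(n, e):
    """Findings about a public exponent; an empty list means it looks sane."""
    findings = []
    if e <= 1:
        findings.append("e <= 1: m^e mod n == m, ciphertext equals plaintext")
    elif e % 2 == 0:
        findings.append("even e: not invertible mod phi(n), key cannot work")
    elif e != 65537:
        findings.append("unusual odd e=%d: confirm it was intended" % e)
    if e >= n:
        findings.append("e >= n: malformed key")
    return findings

# Constructed samples, not real keys: a placeholder 1024-bit modulus with
# e = 65537, and the textbook modulus 3233 = 61 * 53 with a broken e = 1.
PLACEHOLDER_N = (1 << 1023) | 0xC0FFEE
GOOD_DER = _der_seq(_der_int(PLACEHOLDER_N) + _der_int(65537))
BAD_DER = _der_seq(_der_int(3233) + _der_int(1))
```

Run audit_exponent over every public key read back from a token that was initialised with an affected version; any non-empty result means the key pair should be regenerated, as the Gentoo advisory below recommends.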

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Footprinting
    An attacker engages in probing and exploration activity to identify constituents and properties of the target. Footprinting is a general term to describe a variety of information gathering techniques, often used by attackers in preparation for some attack. It consists of using tools to learn as much as possible about the composition, configuration, and security mechanisms of the targeted application, system or network. Information that might be collected during a footprinting effort could include open ports, applications and their versions, network topology, and similar information. While footprinting is not intended to be damaging (although certain activities, such as network scans, can sometimes cause disruptions to vulnerable applications inadvertently) it may often pave the way for more damaging attacks.
  • Lifting Data Embedded in Client Distributions
    An attacker can resort to stealing data embedded in client distributions or client code in order to gain certain information. This information can reveal confidential contents, such as account numbers, or can be used as an intermediate step in a larger attack (such as by stealing keys/credentials).

Nessus

  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2009-4883.NASL
    description: A minor update fixing security problem within pkcs11-tool command. http://www.opensc-project.org/pipermail/opensc-announce/2009-May/000025.html Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 38958
    published: 2009-06-01
    reporter: This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/38958
    title: Fedora 9 : opensc-0.11.8-1.fc9 (2009-4883)
    code:
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory 2009-4883.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(38958);
      script_version ("1.14");
      script_cvs_date("Date: 2019/08/02 13:32:30");
    
      script_cve_id("CVE-2009-1603");
      script_bugtraq_id(33922, 34884);
      script_xref(name:"FEDORA", value:"2009-4883");
    
      script_name(english:"Fedora 9 : opensc-0.11.8-1.fc9 (2009-4883)");
      script_summary(english:"Checks rpm output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "A minor update fixing security problem within pkcs11-tool command.
    http://www.opensc-project.org/pipermail/opensc-announce/2009-May/00002
    5.html
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      # http://www.opensc-project.org/pipermail/opensc-announce/2009-May/000025.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?41d8e49c"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=499862"
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2009-May/024333.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?4ed569a1"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected opensc package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
      script_cwe_id(310);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:opensc");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:9");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2009/05/12");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/06/01");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! ereg(pattern:"^9([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 9.x", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    flag = 0;
    if (rpm_check(release:"FC9", reference:"opensc-0.11.8-1.fc9")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "opensc");
    }
    
  • NASL family: Gentoo Local Security Checks
    NASL id: GENTOO_GLSA-200908-01.NASL
    description: The remote host is affected by the vulnerability described in GLSA-200908-01 (OpenSC: Multiple vulnerabilities) Multiple vulnerabilities were found in OpenSC: b.badrignans discovered that OpenSC incorrectly initialises private data objects (CVE-2009-0368). Miquel Comas Marti discovered that src/tools/pkcs11-tool.c in pkcs11-tool in OpenSC 0.11.7, when used with unspecified third-party PKCS#11 modules, generates RSA keys with incorrect public exponents (CVE-2009-1603). Impact : The first vulnerability allows physically proximate attackers to bypass intended PIN requirements and read private data objects. The second vulnerability allows attackers to read the cleartext form of messages that were intended to be encrypted. NOTE: Smart cards which were initialised using an affected version of OpenSC need to be modified or re-initialised. See the vendor
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 40462
    published: 2009-08-03
    reporter: This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/40462
    title: GLSA-200908-01 : OpenSC: Multiple vulnerabilities
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2009-4928.NASL
    description: CVE-2009-1603 A minor update fixing security problem within pkcs11-tool command. http://www.opensc-project.org/pipermail/opensc-announce/2009-May/000025.html Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 38993
    published: 2009-06-03
    reporter: This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/38993
    title: Fedora 10 : mingw32-opensc-0.11.8-1.fc10 (2009-4928)
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2009-4967.NASL
    description: CVE-2009-1603 A minor update fixing security problem within pkcs11-tool command. http://www.opensc-project.org/pipermail/opensc-announce/2009-May/000025.html OpenSC is a package for accessing smart card devices. Basic functionality (e.g. SELECT FILE, READ BINARY) should work on any ISO 7816-4 compatible smart card. Encryption and decryption using private keys on the smart card is possible with PKCS #15 compatible cards, such as the FINEID (Finnish Electronic IDentity) card. Swedish Posten eID cards have also been confirmed to work. This is the MinGW cross-compiled Windows library. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 38994
    published: 2009-06-03
    reporter: This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/38994
    title: Fedora 11 : mingw32-opensc-0.11.8-1.fc11 (2009-4967)
  • NASL family: Mandriva Local Security Checks
    NASL id: MANDRIVA_MDVSA-2009-123.NASL
    description: src/tools/pkcs11-tool.c in pkcs11-tool in OpenSC 0.11.7, when used with unspecified third-party PKCS#11 modules, generates RSA keys with incorrect public exponents, which allows attackers to read the cleartext form of messages that were intended to be encrypted (CVE-2009-1603). The updated packages fix the issue.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 48146
    published: 2010-07-30
    reporter: This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/48146
    title: Mandriva Linux Security Advisory : opensc (MDVSA-2009:123)
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2009-4919.NASL
    description: A minor update fixing security problem within pkcs11-tool command. http://www.opensc-project.org/pipermail/opensc-announce/2009-May/000025.html Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 38960
    published: 2009-06-01
    reporter: This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/38960
    title: Fedora 10 : opensc-0.11.8-1.fc10 (2009-4919)