CVE-2009-1603
First published: Mon May 11 2009(Updated: )
src/tools/pkcs11-tool.c in pkcs11-tool in OpenSC 0.11.7, when used with unspecified third-party PKCS#11 modules, generates RSA keys with incorrect public exponents, which allows attackers to read the cleartext form of messages that were intended to be encrypted.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Opensc-project Opensc | =0.11.7 | |
| Fedoraproject Fedora | =9 | |
| Fedoraproject Fedora | =10 | |
| Fedoraproject Fedora | =11 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.openwall.com/lists/oss-security/2009/05/08/1
- http://secunia.com/advisories/35035
- http://www.vupen.com/english/advisories/2009/1295
- http://www.opensc-project.org/pipermail/opensc-announce/2009-May/000025.html
- http://www.mandriva.com/security/advisories?name=MDVSA-2009:123
- http://secunia.com/advisories/35309
- https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01432.html
- https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00095.html
- https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01420.html
- http://secunia.com/advisories/35293
- https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00097.html
- http://security.gentoo.org/glsa/glsa-200908-01.xml
- http://secunia.com/advisories/36074
- collector/nvd-historical
- collector/nvd-index
- agent/type
- agent/first-publish-date
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/remedy
- agent/last-modified-date
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/softwarecombine
- agent/tags
- agent/description
- agent/event
- vendor/opensc-project
- canonical/opensc-project opensc
- version/opensc-project opensc/0.11.7
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/9
- version/fedoraproject fedora/10
- version/fedoraproject fedora/11