MidnightBSD

Advisories for muscle

CVE-2009-4901 LOW

The MSGFunctionDemarshall function in winscard_svc.c in the PC/SC Smart Card daemon (aka PCSCD) in MUSCLE PCSC-Lite before 1.5.4 might allow local users to cause a denial of service (daemon crash) via crafted SCARD_SET_ATTRIB message data, which is improperly demarshalled and triggers a buffer over-read, a related issue to CVE-2010-0407.

CVSS 2.0

Severity: LOW

Problem Type: CWE-119,

Products Affected

Vendor Product Version
muscle pcsc-lite 1.3.2
muscle pcsc-lite 1.4.0
muscle pcsc-lite 1.4.2
muscle pcsc-lite 1.5.1
muscle pcsc-lite 1.3.0
muscle pcsc-lite 1.2.9
muscle pcsc-lite 1.4.99
muscle pcsc-lite 1.5.2
muscle pcsc-lite 1.2.0
muscle pcsc-lite 1.4.100
muscle pcsc-lite 1.3.3
muscle pcsc-lite 1.5.0
muscle pcsc-lite 1.4.101
muscle pcsc-lite 1.3.1
muscle pcsc-lite 1.4.1
muscle pcsc-lite 1.4.3
muscle pcsc-lite 1.4.102
muscle pcsc-lite *
muscle pcsc-lite 1.1.2
muscle pcsc-lite 1.4.4
CVE-2009-4902 MEDIUM

Buffer overflow in the MSGFunctionDemarshall function in winscard_svc.c in the PC/SC Smart Card daemon (aka PCSCD) in MUSCLE PCSC-Lite 1.5.4 and earlier might allow local users to gain privileges via crafted SCARD_CONTROL message data, which is improperly demarshalled. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-0407.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
muscle pcsc-lite 1.3.2
muscle pcsc-lite 1.4.0
muscle pcsc-lite 1.4.2
muscle pcsc-lite 1.5.1
muscle pcsc-lite 1.3.0
muscle pcsc-lite 1.2.9
muscle pcsc-lite 1.4.99
muscle pcsc-lite 1.5.2
muscle pcsc-lite 1.2.0
muscle pcsc-lite 1.4.100
muscle pcsc-lite 1.3.3
muscle pcsc-lite 1.5.0
muscle pcsc-lite 1.4.101
muscle pcsc-lite 1.3.1
muscle pcsc-lite 1.4.1
muscle pcsc-lite 1.4.3
muscle pcsc-lite 1.4.102
muscle pcsc-lite *
muscle pcsc-lite 1.1.2
muscle pcsc-lite 1.4.4
CVE-2010-0407 MEDIUM

Multiple buffer overflows in the MSGFunctionDemarshall function in winscard_svc.c in the PC/SC Smart Card daemon (aka PCSCD) in MUSCLE PCSC-Lite before 1.5.4 allow local users to gain privileges via crafted message data, which is improperly demarshalled.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
muscle pcsc-lite 1.3.2
muscle pcsc-lite 1.4.0
muscle pcsc-lite 1.4.2
muscle pcsc-lite 1.5.1
muscle pcsc-lite 1.3.0
muscle pcsc-lite 1.2.9
muscle pcsc-lite 1.4.99
muscle pcsc-lite 1.5.2
muscle pcsc-lite 1.2.0
muscle pcsc-lite 1.4.100
muscle pcsc-lite 1.3.3
muscle pcsc-lite 1.5.0
muscle pcsc-lite 1.4.101
muscle pcsc-lite 1.3.1
muscle pcsc-lite 1.4.1
muscle pcsc-lite 1.4.3
muscle pcsc-lite 1.4.102
muscle pcsc-lite *
muscle pcsc-lite 1.1.2
muscle pcsc-lite 1.4.4
CVE-2010-4530 MEDIUM

Signedness error in ccid_serial.c in libccid in the USB Chip/Smart Card Interface Devices (CCID) driver, as used in pcscd in PCSC-Lite 1.5.3 and possibly other products, allows physically proximate attackers to execute arbitrary code via a smart card with a crafted serial number that causes a negative value to be used in a memcpy operation, which triggers a buffer overflow. NOTE: some sources refer to this issue as an integer overflow.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-189,

Products Affected

Vendor Product Version
muscle pcsc-lite 1.5.3
CVE-2010-4531 MEDIUM

Stack-based buffer overflow in the ATRDecodeAtr function in the Answer-to-Reset (ATR) Handler (atrhandler.c) for pcscd in PCSC-Lite 1.5.3, and possibly other 1.5.x and 1.6.x versions, allows physically proximate attackers to cause a denial of service (crash) and possibly execute arbitrary code via a smart card with an ATR message containing a long attribute value.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
muscle pcsc-lite 1.5.3
CVE-2016-10109 MEDIUM

Use-after-free vulnerability in pcsc-lite before 1.8.20 allows a remote attackers to cause denial of service (crash) via a command that uses "cardsList" after the handle has been released through the SCardReleaseContext function.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
canonical ubuntu_linux 14.04
canonical ubuntu_linux 16.10
canonical ubuntu_linux 16.04
muscle pcsc-lite *