Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

Mandriva: Subject: [Security Announce] [ MDVSA-2008:183 ] opensc

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) Mandriva: Subject: [Security Announce] [ MDVSA-2008:183 ] opensc
# 1  
Old 09-03-2008
Mandriva: Subject: [Security Announce] [ MDVSA-2008:183 ] opensc
LinuxSecurity.com: Chaskiel M Grundman found that OpenSC would initialize smart cards with the Siemens CardOS M4 card operating system without proper access rights. This allowed everyone to change the card's PIN without first having the PIN or PUK, or the superuser's PIN or PUK (CVE-2008-2235).

More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question

LEARN ABOUT DEBIAN

westcos-tool

WESTCOS-TOOL(1) 						   OpenSC tools 						   WESTCOS-TOOL(1)

NAME

       westcos-tool - utility for manipulating data structures on westcos smart cards

SYNOPSIS

       westcos-tool [OPTIONS]

DESCRIPTION

       The westcos-tool utility is used to manipulate the westcos data structures on 2 Ko smart cards. Users can create PINs, keys and
       certificates stored on the token. User PIN authentication is performed for those operations that require it.

OPTIONS

       --reader, r num
	   Use the given reader. The default is the first reader with a card.

       --wait, -w
	   Wait for a card to be inserted

       --generate-key, -g
	   Generate a private key on smart card. The smart card must be not finalized and a PIN must be installed (ie. file for PIN must be
	   created, see option -i). By default key length is 1536 bits. User authentication is required for this operation.

       --overwrite-key, -o
	   Overwrite the key if there is already a key on card.

       --key-length length, -l length
	   Change the length of private key, use with -g.

       --install-pin, -i
	   Install PIN file in token, you must provide PIN value with -x.

       --pin-value value, -x value
	   set value of PIN.

       --puk-value value, -y value
	   set value of PUK (or value of new PIN for change PIN command see -n).

       --change-pin, -n
	   Changes a PIN stored on the token. User authentication is required for this operation.

       --unblock-pin, -u
	   Unblocks a PIN stored on the token. Knowledge of the PIN Unblock Key (PUK) is required for this operation.

       --certificate file, -t file
	   Write certificate file in PEM format to the card. User authentication is required for this operation.

       --finalize, -f
	   Finalize the card. Once finalized the default key is invalidated so PIN and PUK can't be changed anymore without user authentication.
	   Warning, un-finalized are insecure because PIN can be changed without user authentication (knowledge of default key is enough).

       --read-file path, -j path
	   Get the file path the file is written on disk with path name. User authentication is required for this operation.

       --write-file path, -k path
	   Put the file with name path from disk to card the file is written in path. User authentication is required for this operation.

       --help, -h
	   Print help message on screen.

       -v
	   Causes westcos-tool to be more verbose. Specify this flag several times to enable debug output in the OpenSC library.

AUTHORS

       westcos-tool was written by Francois Leblanc francois.leblanc@cev-sa.com.

opensc								    06/03/2012							   WESTCOS-TOOL(1)