Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

Mandriva: Subject: [Security Announce] [ MDVSA-2008:183 ] opensc

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) Mandriva: Subject: [Security Announce] [ MDVSA-2008:183 ] opensc
# 1  
Old 09-03-2008
Mandriva: Subject: [Security Announce] [ MDVSA-2008:183 ] opensc
LinuxSecurity.com: Chaskiel M Grundman found that OpenSC would initialize smart cards with the Siemens CardOS M4 card operating system without proper access rights. This allowed everyone to change the card's PIN without first having the PIN or PUK, or the superuser's PIN or PUK (CVE-2008-2235).

More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question

LEARN ABOUT CENTOS

westcos-tool

WESTCOS-TOOL(1) 						   OpenSC Tools 						   WESTCOS-TOOL(1)

NAME

       westcos-tool - utility for manipulating data structures on westcos smart cards

SYNOPSIS

       westcos-tool [OPTIONS]

DESCRIPTION

       The westcos-tool utility is used to manipulate the westcos data structures on 2 Ko smart cards / tokens. Users can create PINs, keys and
       certificates stored on the card / token. User PIN authentication is performed for those operations that require it.

OPTIONS

       --change-pin, -n
	   Changes a PIN stored on the card. User authentication is required for this operation.

       --certificate file, -t file
	   Write certificate file file in PEM format to the card. User authentication is required for this operation.

       --finalize, -f
	   Finalize the card. Once finalized the default key is invalidated, so PIN and PUK cannot be changed anymore without user authentication.

	   Warning, un-finalized are insecure because PIN can be changed without user authentication (knowledge of default key is enough).

       --generate-key, -g
	   Generate a private key on the card. The card must not have been finalized and a PIN must be installed (ie. the file for ithe PIN must
	   havei been created, see option -i). By default the key length is 1536 bits. User authentication is required for this operation.

       --help, -h
	   Print help message on screen.

       --install-pin, -i
	   Install PIN file in on the card. You must provide a PIN value with -x.

       --key-length length, -l length
	   Change the length of private key. Use with -g.

       --overwrite-key, -o
	   Overwrite the key if there is already a key on the card.

       --pin-value value, -x value
	   Set value of PIN.

       --puk-value value, -y value
	   set value of PUK (or value of new PIN for change PIN command see -n).

       --read-file path, -j path
	   Read the file path from the card. The file is written on disk with name path. User authentication is required for this operation.

       --reader num, -r num
	   Use the given reader. The default is the first reader with a card.

       --unblock-pin, -u
	   Unblocks a PIN stored on the card. Knowledge of the PIN Unblock Key (PUK) is required for this operation.

       -v
	   Causes westcos-tool to be more verbose. Specify this flag several times to enable debug output in the OpenSC library.

       --wait, -w
	   Wait for a card to be inserted.

       --write-file path, -k path
	   Put the file with name path from disk to card. On the card the file is written in path. User authentication is required for this
	   operation.

AUTHORS

       westcos-tool was written by Francois Leblanc <francois.leblanc@cev-sa.com>.

opensc								    06/17/2014							   WESTCOS-TOOL(1)