opensc
Page content
- Author: Miklos Vajna
- Vulnerable: 0.11.5-1
- Unaffected: 0.11.6-1solaria1
A security issue has been reported in OpenSC, which can be exploited by malicious people to bypass certain security restrictions. The security issue is caused due to the application improperly setting the ADMIN file control information to “00” while initializing smart cards having a Siemens CardOS M4 operating system. This can be exploited to change a user PIN code without having the PIN or PUK if the smart card was initialized with OpenSC.
- Bug Tracker URL: http://bugs.frugalware.org/task/3415