-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2011.0076
    Vulnerabilities have been found and corrected in ccid and pcsc-lite
                              24 January 2011

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:          ccid
                  pcsc-lite
Publisher:        Mandriva
Operating System: UNIX variants (UNIX, Linux, OSX)
                  Mandriva Linux
Impact/Access:    Execute Arbitrary Code/Commands -- Remote/Unauthenticated
                  Denial of Service               -- Remote/Unauthenticated
Resolution:       Patch/Upgrade
CVE Names:        CVE-2010-4531 CVE-2010-4530 

Comment: This advisory references vulnerabilities in products which run on 
         platforms other than Mandriva. It is recommended that administrators running
         ccid or pcsc-lite check for an updated version of the software for 
         their operating system.

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2011:014
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : ccid
 Date    : January 20, 2011
 Affected: Corporate 4.0
 _______________________________________________________________________

 Problem Description:

 A vulnerability has been found and corrected in ccid:
 
 Signedness error in ccid_serial.c in libccid in the USB Chip/Smart Card
 Interface Devices (CCID) driver, as used in pcscd in PCSC-Lite 1.5.3
 and possibly other products, allows physically proximate attackers to
 execute arbitrary code via a smart card with a crafted serial number
 that causes a negative value to be used in a memcpy operation, which
 triggers a buffer overflow.  NOTE: some sources refer to this issue
 as an integer overflow (CVE-2010-4530).
 
 The updated packages have been patched to correct this issue.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4530
 _______________________________________________________________________

 Updated Packages:

 Corporate 4.0:
 1825753343f77df80e26acc86569d1c4  corporate/4.0/i586/ccid-1.0.0-2.1.20060mlcs4.i586.rpm 
 26afe41c97d0729456a88c57804a8a13  corporate/4.0/SRPMS/ccid-1.0.0-2.1.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 c065aa2ef89421dfb165b4ed48792b21  corporate/4.0/x86_64/ccid-1.0.0-2.1.20060mlcs4.x86_64.rpm 
 26afe41c97d0729456a88c57804a8a13  corporate/4.0/SRPMS/ccid-1.0.0-2.1.20060mlcs4.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFNOHeAmqjQ0CJFipgRAg4BAJ4+A/S/MGOlSjcBa5twumtHvBf3xQCfTG6U
Z4eoen9YOPi+AKCBeDJX7AY=
=d4sy
- -----END PGP SIGNATURE-----

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2011:015
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : pcsc-lite
 Date    : January 20, 2011
 Affected: 2009.0, 2010.0, 2010.1, Corporate 4.0, Enterprise Server 5.0
 _______________________________________________________________________

 Problem Description:

 A vulnerability has been found and corrected in pcsc-lite:
 
 Stack-based buffer overflow in the ATRDecodeAtr function in the
 Answer-to-Reset (ATR) Handler (atrhandler.c) for pcscd in PCSC-Lite
 1.5.3, and possibly other 1.5.x and 1.6.x versions, allows physically
 proximate attackers to cause a denial of service (crash) and possibly
 execute arbitrary code via a smart card with an ATR message containing
 a long attribute value (CVE-2010-4531).
 
 Packages for 2009.0 are provided as of the Extended Maintenance
 Program. Please visit this link to learn more:
 http://store.mandriva.com/product_info.php?cPath=149&products_id=490
 
 The updated packages have been patched to correct this issue.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4531
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2009.0:
 d137c48f4e931440a7c0b8f15fcff4b8  2009.0/i586/libpcsclite1-1.4.102-1.2mdv2009.0.i586.rpm
 25116e1db3bda3affb09d59b4adc6aef  2009.0/i586/libpcsclite-devel-1.4.102-1.2mdv2009.0.i586.rpm
 302d0c768b5b610547f55a3781f14fa8  2009.0/i586/libpcsclite-static-devel-1.4.102-1.2mdv2009.0.i586.rpm
 d18ad9858c8995ca754138e0bd7a9bd8  2009.0/i586/pcsc-lite-1.4.102-1.2mdv2009.0.i586.rpm 
 92270b043c53d716e12eac331480ffe9  2009.0/SRPMS/pcsc-lite-1.4.102-1.2mdv2009.0.src.rpm

 Mandriva Linux 2009.0/X86_64:
 b8690a3cb9fe4cef11a2f7181f07c2bf  2009.0/x86_64/lib64pcsclite1-1.4.102-1.2mdv2009.0.x86_64.rpm
 70a6ff7af784249e5f3dbec686c5c992  2009.0/x86_64/lib64pcsclite-devel-1.4.102-1.2mdv2009.0.x86_64.rpm
 01141839cdc3d10e5df39d34cad4b1d0  2009.0/x86_64/lib64pcsclite-static-devel-1.4.102-1.2mdv2009.0.x86_64.rpm
 f49b21cb00dde2c767661f4e8512c9d2  2009.0/x86_64/pcsc-lite-1.4.102-1.2mdv2009.0.x86_64.rpm 
 92270b043c53d716e12eac331480ffe9  2009.0/SRPMS/pcsc-lite-1.4.102-1.2mdv2009.0.src.rpm

 Mandriva Linux 2010.0:
 e8542ceffedf0e3e10a75451fa7ac4cd  2010.0/i586/libpcsclite1-1.5.5-1.1mdv2010.0.i586.rpm
 9909eecea315d85cc1a5f22680ccb55b  2010.0/i586/libpcsclite-devel-1.5.5-1.1mdv2010.0.i586.rpm
 9d4e979b5245f8f03670571801bc1ee1  2010.0/i586/libpcsclite-static-devel-1.5.5-1.1mdv2010.0.i586.rpm
 4293654f2187a51a09e16402665d40bf  2010.0/i586/pcsc-lite-1.5.5-1.1mdv2010.0.i586.rpm 
 c3ea63013e5cdbc56ebdca3f8305379a  2010.0/SRPMS/pcsc-lite-1.5.5-1.1mdv2010.0.src.rpm

 Mandriva Linux 2010.0/X86_64:
 cafd52e2470853139baa1a4c92251d8d  2010.0/x86_64/lib64pcsclite1-1.5.5-1.1mdv2010.0.x86_64.rpm
 7c27626ea5b0ca2bfcf6a6f44cecd432  2010.0/x86_64/lib64pcsclite-devel-1.5.5-1.1mdv2010.0.x86_64.rpm
 f9073247d0152fabc96b147c2b06ca4b  2010.0/x86_64/lib64pcsclite-static-devel-1.5.5-1.1mdv2010.0.x86_64.rpm
 c6d768906fb0a1a6025d560f835faf32  2010.0/x86_64/pcsc-lite-1.5.5-1.1mdv2010.0.x86_64.rpm 
 c3ea63013e5cdbc56ebdca3f8305379a  2010.0/SRPMS/pcsc-lite-1.5.5-1.1mdv2010.0.src.rpm

 Mandriva Linux 2010.1:
 b590e80c2a64596453c593ee70c5e8e1  2010.1/i586/libpcsclite1-1.5.5-2.1mdv2010.2.i586.rpm
 35aedb0f443c5b96faf2cc3f0c9774d0  2010.1/i586/libpcsclite-devel-1.5.5-2.1mdv2010.2.i586.rpm
 483ee37eb2ae95fe44649c449028efaa  2010.1/i586/libpcsclite-static-devel-1.5.5-2.1mdv2010.2.i586.rpm
 ed00d83148affe361345db65cd29c5db  2010.1/i586/pcsc-lite-1.5.5-2.1mdv2010.2.i586.rpm 
 a53a46520d0b3f55a5672ae66db13a18  2010.1/SRPMS/pcsc-lite-1.5.5-2.1mdv2010.2.src.rpm

 Mandriva Linux 2010.1/X86_64:
 b05d60aa1b2fe29a60defe1b06a20a8e  2010.1/x86_64/lib64pcsclite1-1.5.5-2.1mdv2010.2.x86_64.rpm
 910af804d47eb0667a420f51410a5d97  2010.1/x86_64/lib64pcsclite-devel-1.5.5-2.1mdv2010.2.x86_64.rpm
 6a04a618d0f85e8b4bd0cd59336bd7b9  2010.1/x86_64/lib64pcsclite-static-devel-1.5.5-2.1mdv2010.2.x86_64.rpm
 d61120d304cd581e9529b12d68c67e1b  2010.1/x86_64/pcsc-lite-1.5.5-2.1mdv2010.2.x86_64.rpm 
 a53a46520d0b3f55a5672ae66db13a18  2010.1/SRPMS/pcsc-lite-1.5.5-2.1mdv2010.2.src.rpm

 Corporate 4.0:
 d198bb12df9768650b8b023cf0682235  corporate/4.0/i586/libpcsclite1-1.3.0-2.2.20060mlcs4.i586.rpm
 e4ac5a2b593ef62fae4d2b27f504423c  corporate/4.0/i586/libpcsclite1-devel-1.3.0-2.2.20060mlcs4.i586.rpm
 c4542e045341899a71b51e2790807be2  corporate/4.0/i586/libpcsclite1-static-devel-1.3.0-2.2.20060mlcs4.i586.rpm
 953f7cbed53e20c1e6141593ef682ce8  corporate/4.0/i586/pcsc-lite-1.3.0-2.2.20060mlcs4.i586.rpm 
 3c6765a9ebd8fd682f2894ded24252d5  corporate/4.0/SRPMS/pcsc-lite-1.3.0-2.2.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 b614f7ed9446b338baa784ae5f52bd12  corporate/4.0/x86_64/lib64pcsclite1-1.3.0-2.2.20060mlcs4.x86_64.rpm
 d0ab4bd7bba3aa12d795ec14b5275255  corporate/4.0/x86_64/lib64pcsclite1-devel-1.3.0-2.2.20060mlcs4.x86_64.rpm
 04c4bc08d596259e4353c52d5e933070  corporate/4.0/x86_64/lib64pcsclite1-static-devel-1.3.0-2.2.20060mlcs4.x86_64.rpm
 6603ce736b8a876949d4d63a08d56e00  corporate/4.0/x86_64/pcsc-lite-1.3.0-2.2.20060mlcs4.x86_64.rpm 
 3c6765a9ebd8fd682f2894ded24252d5  corporate/4.0/SRPMS/pcsc-lite-1.3.0-2.2.20060mlcs4.src.rpm

 Mandriva Enterprise Server 5:
 7ed0fa196d040622f207790461b52a43  mes5/i586/libpcsclite1-1.4.102-1.2mdvmes5.1.i586.rpm
 f879e7282ab9cc61e84ebd2597499f80  mes5/i586/libpcsclite-devel-1.4.102-1.2mdvmes5.1.i586.rpm
 73554d61bc2ab9cb03a150f56a0d6350  mes5/i586/libpcsclite-static-devel-1.4.102-1.2mdvmes5.1.i586.rpm
 06579ff154adcd565b9cab0f840754cd  mes5/i586/pcsc-lite-1.4.102-1.2mdvmes5.1.i586.rpm 
 5cc332351f3350333e0e0f38b9a45771  mes5/SRPMS/pcsc-lite-1.4.102-1.2mdvmes5.1.src.rpm

 Mandriva Enterprise Server 5/X86_64:
 cfa52291779d9196a52d29010705d8d7  mes5/x86_64/lib64pcsclite1-1.4.102-1.2mdvmes5.1.x86_64.rpm
 081a1250e01700a76a9a671a633b7c11  mes5/x86_64/lib64pcsclite-devel-1.4.102-1.2mdvmes5.1.x86_64.rpm
 480be64c067ac9a4db1cf17fc83da674  mes5/x86_64/lib64pcsclite-static-devel-1.4.102-1.2mdvmes5.1.x86_64.rpm
 ddefa78d3c632d33aa5521192bcc53ca  mes5/x86_64/pcsc-lite-1.4.102-1.2mdvmes5.1.x86_64.rpm 
 5cc332351f3350333e0e0f38b9a45771  mes5/SRPMS/pcsc-lite-1.4.102-1.2mdvmes5.1.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD4DBQFNOH7FmqjQ0CJFipgRAq9/AKCDh6iIaGpAJk79DRyL4F33leMQIwCVFQ46
S0gtdmrSQ8PhtZNCI85Y1g==
=yOk5
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------
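
Both advisories above describe the same root cause: a length that the card controls reaches memcpy without being bounded, as a length byte read into a signed type in ccid (CVE-2010-4530) and as an over-long ATR attribute value in pcsc-lite (CVE-2010-4531). The C example below is added here and is not code from ccid, pcsc-lite or Mandriva; the function names, the FIELD_MAX capacity and the sample card responses are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed example, not ccid or pcsc-lite code: copying a
 * length-prefixed field sent by a card or reader (a serial number,
 * an ATR attribute) into a fixed buffer. The common root cause in
 * both advisories is a card-controlled length reaching memcpy. */

#define FIELD_MAX 32                /* destination buffer capacity */

/* The signedness hazard: a length byte >= 0x80 read into a signed
 * char becomes negative, and memcpy's size_t parameter then sees a
 * value near SIZE_MAX. ('signed char' is used so the effect does not
 * depend on the ABI's signedness of plain 'char'.) */
size_t naive_memcpy_len(uint8_t length_byte)
{
    signed char len = (signed char)length_byte;
    return (size_t)len;             /* what memcpy would receive */
}

/* Hardened copy: unsigned length, bounded by destination capacity
 * and by the bytes actually present. Returns bytes copied or -1. */
int copy_card_field(uint8_t *dst, size_t dst_cap,
                    const uint8_t *resp, size_t resp_len)
{
    if (resp == NULL || resp_len < 1)
        return -1;                  /* no length byte present */
    size_t len = resp[0];           /* 0..255, never negative */
    if (len > dst_cap || len > resp_len - 1)
        return -1;                  /* overflow or truncated response */
    memcpy(dst, resp + 1, len);
    return (int)len;
}

/* Constructed sample responses. */
int demo_valid_serial(void)
{
    static const uint8_t resp[] = { 6, 'S', 'N', '1', '2', '3', '4' };
    uint8_t out[FIELD_MAX];
    return copy_card_field(out, sizeof out, resp, sizeof resp);
}

int demo_crafted_length(void)
{
    static const uint8_t resp[] = { 0xFF, 1, 2, 3, 4 }; /* claims 255 */
    uint8_t out[FIELD_MAX];
    return copy_card_field(out, sizeof out, resp, sizeof resp);
}
```

naive_memcpy_len(0xFF) evaluates to SIZE_MAX, which is the value a signed length hands to memcpy; copy_card_field rejects that same response instead of copying.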

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iD8DBQFNPPeb/iFOrG6YcBERAmY8AJ9UD+SwgkEyFb7nmtoJCASbCDb4zACeK+WT
2ZVOYvk1Tb1tBMKCmlfa4us=
=7GmQ
-----END PGP SIGNATURE-----