Test ID:	1.3.6.1.4.1.25623.1.0.63601
Category:	Fedora Local Security Checks
Title:	Fedora Core 9 FEDORA-2009-2267 (opensc)
Summary:	The remote host is missing an update to opensc;announced via advisory FEDORA-2009-2267.;Note: This VT has been deprecated and is therefore no longer functional.
Description:	Summary: The remote host is missing an update to opensc announced via advisory FEDORA-2009-2267. Note: This VT has been deprecated and is therefore no longer functional. Vulnerability Insight: Update Information: Security update fixing CVE-2008-3972, CVE-2008-2235, and CVE-2009-0368. ChangeLog: * Fri Feb 27 2009 Tomas Mraz - 0.11.7-1 - new upstream version - fixes CVE-2009-0368 * Thu Feb 26 2009 Fedora Release Engineering - 0.11.6-3 Solution: Apply the appropriate updates. This update can be installed with the yum update program. Use su -c 'yum update opensc' at the command line. CVSS Score: 6.6 CVSS Vector: AV:L/AC:L/Au:N/C:N/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2008-3972 https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00686.html http://www.opensc-project.org/pipermail/opensc-announce/2008-August/000021.html http://www.openwall.com/lists/oss-security/2008/09/09/14 http://secunia.com/advisories/32099 http://secunia.com/advisories/34362 SuSE Security Announcement: SUSE-SR:2008:019 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00005.html XForce ISS Database: opensc-pkcs15tool-weak-security(45045) https://exchange.xforce.ibmcloud.com/vulnerabilities/45045 Common Vulnerability Exposure (CVE) ID: CVE-2008-2235 BugTraq ID: 30473 http://www.securityfocus.com/bid/30473 Debian Security Information: DSA-1627 (Google Search) https://www.debian.org/security/2008/dsa-1627 http://security.gentoo.org/glsa/glsa-200812-09.xml http://www.mandriva.com/security/advisories?name=MDVSA-2008:183 http://www.opensc-project.org/pipermail/opensc-announce/2008-July/000020.html http://secunia.com/advisories/31330 http://secunia.com/advisories/31360 http://secunia.com/advisories/33115 SuSE Security Announcement: SUSE-SR:2009:004 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html XForce ISS Database: opensc-smartcard-cryptotoken-weak-security(44140) https://exchange.xforce.ibmcloud.com/vulnerabilities/44140 Common Vulnerability Exposure (CVE) ID: CVE-2009-0368 BugTraq ID: 33922 http://www.securityfocus.com/bid/33922 Debian Security Information: DSA-1734 (Google Search) http://www.debian.org/security/2009/dsa-1734 https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00673.html http://security.gentoo.org/glsa/glsa-200908-01.xml http://www.opensc-project.org/pipermail/opensc-announce/2009-February/000023.html http://openwall.com/lists/oss-security/2009/02/26/1 http://secunia.com/advisories/34052 http://secunia.com/advisories/34120 http://secunia.com/advisories/34377 http://secunia.com/advisories/35065 http://secunia.com/advisories/36074 SuSE Security Announcement: SUSE-SR:2009:010 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html XForce ISS Database: opensc-pkcs-unauth-access(48958) https://exchange.xforce.ibmcloud.com/vulnerabilities/48958
Copyright	Copyright (C) 2009 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.