Candidate: CVE-2009-1603
PublicDate: 2009-05-11 16:30:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1603
 http://www.opensc-project.org/pipermail/opensc-announce/2009-May/000025.html
Description:
 src/tools/pkcs11-tool.c in pkcs11-tool in OpenSC 0.11.7, when used with
 unspecified third-party PKCS#11 modules, generates RSA keys with incorrect
 public exponents, which allows attackers to read the cleartext form of
 messages that were intended to be encrypted.
Ubuntu-Description:
Notes:
 jdstrand> per Debian, 0.11.4-5+lenny1 and earlier not affected
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_opensc:
upstream_opensc: released (0.11.8)
dapper_opensc: not-affected
hardy_opensc: not-affected
intrepid_opensc: not-affected
jaunty_opensc: not-affected
karmic_opensc: ignored (reached end-of-life)
lucid_opensc: not-affected (0.11.8-1ubuntu1)
maverick_opensc: not-affected (0.11.8-1ubuntu1)
natty_opensc: not-affected (0.11.8-1ubuntu1)
devel_opensc: not-affected (0.11.8-1ubuntu1)