TrueCrypt and VeraCrypt Windows installers allow arbitrary code execution with elevation of privilege

2016.01.11
Risk: High
Local: No
Remote: Yes
CWE: N/A


Ogólna skala CVSS: 4.4/10
Znaczenie: 6.4/10
Łatwość wykorzystania: 3.4/10
Wymagany dostęp: Lokalny
Złożoność ataku: Średnia
Autoryzacja: Nie wymagana
Wpływ na poufność: Częściowy
Wpływ na integralność: Częściowy
Wpływ na dostępność: Częściowy

Hi, The Windows installers of TrueCrypt 7.1a (latest version) and its fork VeraCrypt 1.16 (latest version) are vulnerable to Dll Hijacking that allows arbitrary code execution with elevation of privilege. This vulnerability affects on all version of Windows. More information can be found at: http://seclists.org/fulldisclosure/2016/Jan/22 The patches applied to fix this issue in VeraCrypt are: - https://github.com/veracrypt/VeraCrypt/commit/5872be28a243acb3b5aafdf13248e07d30471893 - https://github.com/veracrypt/VeraCrypt/commit/7a15ff2083d75cdfe343de154715442dce635492 The fix has been included in VeraCrypt 1.17-BETA (Build 15) which is available at: https://veracrypt.codeplex.com/releases/view/619351. Many thanks to Stefan Kanthak (http://home.arcor.de/skanthak) for reporting this issue and for his help in verifying the correctness of the fix. Regards, - -- Mounir IDRASSI https://veracrypt.codeplex.com https://www.idrix.fr

Referencje:

https://github.com/veracrypt/VeraCrypt/commit/5872be28a243acb3b5aafdf13248e07d30471893
https://github.com/veracrypt/VeraCrypt/commit/7a15ff2083d75cdfe343de154715442dce635492
https://veracrypt.codeplex.com/releases/view/619351


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top