Описание
TrueCrypt 4.3, when installed setuid root, allows local users to cause a denial of service (filesystem unavailability) or gain privileges by mounting a crafted TrueCrypt volume, as demonstrated using (1) /usr/bin or (2) another user's home directory, a different issue than CVE-2007-1589.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:truecrypt_foundation:truecrypt:3.0:*:*:*:*:*:*:*
cpe:2.3:a:truecrypt_foundation:truecrypt:4.0:*:*:*:*:*:*:*
cpe:2.3:a:truecrypt_foundation:truecrypt:4.1:*:*:*:*:*:*:*
cpe:2.3:a:truecrypt_foundation:truecrypt:4.2:*:*:*:*:*:*:*
cpe:2.3:a:truecrypt_foundation:truecrypt:4.3:*:*:*:*:*:*:*
EPSS
Процентиль: 37%
0.00156
Низкий
6.9 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
TrueCrypt 4.3, when installed setuid root, allows local users to cause a denial of service (filesystem unavailability) or gain privileges by mounting a crafted TrueCrypt volume, as demonstrated using (1) /usr/bin or (2) another user's home directory, a different issue than CVE-2007-1589.
EPSS
Процентиль: 37%
0.00156
Низкий
6.9 Medium
CVSS2
Дефекты
NVD-CWE-Other