Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

De la Théorie à la pratique





















Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Vigil@nce - TrueCrypt: multiple vulnerabilities

April 2014 by Vigil@nce

This bulletin was written by Vigil@nce : http://vigilance.fr/offer

SYNTHESIS OF THE VULNERABILITY

An attacker can use several vulnerabilities of TrueCrypt.

- Impacted products: TrueCrypt
- Severity: 2/4
- Creation date: 15/04/2014

DESCRIPTION OF THE VULNERABILITY

Several vulnerabilities were announced in TrueCrypt.

An attacker can perform a brute force on an encrypted volume, with a PBKDF2 header, in order to decrypt it. [severity:1/4]

When the system is low in physical memory, an attacker can read pages (swap) on the disk, in order to obtain sensitive information. [severity:1/4]

An attacker can generate an integer overflow in the Bootloader Decompressor, in order to trigger a denial of service, and possibly to execute code. [severity:2/4]

The code uses memset() to delete data, but it may be optimized by the compiler. An attacker can then obtain sensitive information. [severity:1/4]

An attacker can use TC_IOCTL_GET_SYSTEM_DRIVE_DUMP_CONFIG, in order to obtain a pointer address to bypass ALSR. [severity:1/4; CVE-2014-2884]

An attacker can generate an integer overflow in IOCTL_DISK_VERIFY, in order to trigger a denial of service, and possibly to execute code. [severity:2/4]

An attacker can use TC_IOCTL_OPEN_TEST, in order to obtain sensitive information. [severity:1/4]

An attacker can generate an integer overflow in MainThreadProc, in order to trigger a denial of service, and possibly to execute code. [severity:2/4; CVE-2014-2885]

An attacker can use "\\device\", in order to bypass a check in MountVolume(). [severity:1/4]

An attacker can use TC_IOCTL_BOOT_ENCRYPTION_SETUP or TC_IOCTL_START_DECOY_SYSTEM_WIPE, in order to trigger a denial of service. [severity:1/4]

When the system is low in physical memory, the EncryptDataUnits() function can write clear text data. An attacker can then obtain sensitive information. [severity:2/4]

ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN

http://vigilance.fr/vulnerability/T...




See previous articles

    

See next articles