CVE-2015-7359

Sažetak

The (1) IsVolumeAccessibleByCurrentUser and (2) MountDevice methods in Ntdriver.c in TrueCrypt 7.0, VeraCrypt before 1.15, and CipherShed, when running on Windows, do not check the impersonation level of impersonation tokens, which allows local users to impersonate a user at SecurityIdentify level and gain access to other users' mounted encrypted volumes.

Reference

https://veracrypt.codeplex.com/wikipage?title=Release%20Notes
https://code.google.com/p/google-security-research/issues/detail?id=537
http://www.openwall.com/lists/oss-security/2015/09/24/3
http://www.openwall.com/lists/oss-security/2015/09/22/7
http://packetstormsecurity.com/files/133877/Truecrypt-7-Privilege-Escalation.html

CVSS

Base:	4.6
Impact:	6.4
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:L/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

28-06-2021 - 18:20

Objavljeno

03-10-2017 - 01:29