7.8

CVE-2015-7358

The IsDriveLetterAvailable method in Driver/Ntdriver.c in TrueCrypt 7.0, VeraCrypt before 1.15, and CipherShed, when running on Windows, does not properly validate drive letter symbolic links, which allows local users to mount an encrypted volume over an existing drive letter and gain privileges via an entry in the /GLOBAL?? directory.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
CiphershedCiphershed Version <= 0.7.5.0
   MicrosoftWindows
IdrixVeracrypt Version <= 1.14
   MicrosoftWindows
TruecryptTruecrypt Version7.0
   MicrosoftWindows
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.2% 0.64
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://packetstormsecurity.com/files/133878/Truecrypt-7-Derived-Code-Windows-Drive-Letter-Symbolic-Link-Creation-Privilege-Escalation.html
Third Party Advisory
VDB Entry
http://www.openwall.com/lists/oss-security/2015/09/22/7
Third Party Advisory
Mailing List
http://www.openwall.com/lists/oss-security/2015/09/24/3
Third Party Advisory
Mailing List
Issue Tracking
https://code.google.com/p/google-security-research/issues/detail?id=538
Third Party Advisory
https://veracrypt.codeplex.com/wikipage?title=Release%20Notes
Vendor Advisory
Release Notes
https://www.exploit-db.com/exploits/38403/
Third Party Advisory
VDB Entry