CVSS: 6.9EPSS: 0%CPEs: 5EXPL: 1CVE-2007-1738 – TrueCrypt 4.3 - 'setuid' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2007-1738
TrueCrypt 4.3, when installed setuid root, allows local users to cause a denial of service (filesystem unavailability) or gain privileges by mounting a crafted TrueCrypt volume, as demonstrated using (1) /usr/bin or (2) another user's home directory, a different issue than CVE-2007-1589. TrueCrypt versión 4.3, cuando es instalado el root setuid, permite a los usuarios locales causar una denegación de servicio (indisponibilidad de sistema de archivos) o alcanzar privilegios mediante el montaje de un volumen TrueCrypt creado, como es demostrado utilizando (1) /usr/bin o (2) el directorio home de otro usuario, un problema diferente al CVE-2007-1589. • https://www.exploit-db.com/exploits/3664 http://secunia.com/advisories/24643 http://securityreason.com/securityalert/2492 http://www.securityfocus.com/archive/1/464064/100/0/threaded http://www.securityfocus.com/archive/1/464472/100/100/threaded http://www.securityfocus.com/archive/1/464722/100/0/threaded http://www.securityfocus.com/bid/23180 https://exchange.xforce.ibmcloud.com/vulnerabilities/33303 •
CVSS: 2.1EPSS: 0%CPEs: 5EXPL: 0CVE-2007-1589
https://notcve.org/view.php?id=CVE-2007-1589
TrueCrypt before 4.3, when set-euid mode is used on Linux, allows local users to cause a denial of service (filesystem unavailability) by dismounting a volume mounted by a different user. TrueCrypt versiones anteriores a 4.3, cuando se usa el modo Linux set-euid, permite a usuarios locales provocar una denegación de servicio (indisposición de sistema de ficheros) al desmontar un volumen montado por un usuario diferente. • http://secunia.com/advisories/24627 http://www.securityfocus.com/bid/23128 http://www.truecrypt.org/docs/?s=version-history http://www.vupen.com/english/advisories/2007/1103 •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2006-2183
https://notcve.org/view.php?id=CVE-2006-2183
Untrusted search path vulnerability in Truecrypt 4.1, when running suid root on Linux, allows local users to execute arbitrary commands and gain privileges via a modified PATH environment variable that references a malicious mount command. • http://lists.immunitysec.com/pipermail/dailydave/2006-April/003152.html http://secunia.com/advisories/19903 http://www.osvdb.org/25131 http://www.truecrypt.org/history.php http://www.vupen.com/english/advisories/2006/1591 https://exchange.xforce.ibmcloud.com/vulnerabilities/26191 •