[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [FD] Executable installers are vulnerable^WEVIL (case 20): TrueCrypt's installers allow arbitrary (remote) code execution and escalation of privilege
- To: fulldisclosure@xxxxxxxxxxxx
- Subject: Re: [FD] Executable installers are vulnerable^WEVIL (case 20): TrueCrypt's installers allow arbitrary (remote) code execution and escalation of privilege
- From: Douglas Held <risk@xxxxxxxxxxxxxxx>
- Date: Sun, 10 Jan 2016 15:06:54 +0000
Stefan,
I really enjoy your submissions. This is great work.
But how did you expect to get a response from the TrueCrypt developers? I
think it is widely understood they are already pwned.
Regards,
Doug
On Sat, Jan 9, 2016 at 8:00 PM, <fulldisclosure-request@xxxxxxxxxxxx> wrote:
> Send Fulldisclosure mailing list submissions to
> fulldisclosure@xxxxxxxxxxxx
> ...
>
Message: 10
Date: Fri, 8 Jan 2016 14:32:51 +0100
From: "Stefan Kanthak" <stefan.kanthak@xxxxxxxx>
To: <fulldisclosure@xxxxxxxxxxxx>
Cc: <bugtraq@xxxxxxxxxxxxxxxxx>
Subject: [FD] Executable installers are vulnerable^WEVIL (case 20):
TrueCrypt's installers allow arbitrary (remote) code execution
and
escalation of privilege
Message-ID: <EC5015EE18864C70831D6F72B4812646@W340>
Content-Type: text/plain; charset="iso-8859-1"
Hi @ll,
the executable installers "TrueCrypt Setup 7.1a.exe" and
TrueCrypt-7.2.exe load and execute USP10.dll, RichEd20.dll,
....
Timeline:
~~~~~~~~~
2015-12-23 report sent to vendor
NO ANSWER, not even an acknowledgement of receipt
2016-01-01 reports resent to vendor
NO ANSWER, not even an acknowledgement of receipt
2016-01-08 report published
------------------------------
Subject: Digest Footer
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/