Vulnerabilities > CVE-2007-1738 - Local Privilege Escalation vulnerability in TrueCrypt Mount Set-EUID
Attack vector
LOCAL Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
TrueCrypt 4.3, when installed setuid root, allows local users to cause a denial of service (filesystem unavailability) or gain privileges by mounting a crafted TrueCrypt volume, as demonstrated using (1) /usr/bin or (2) another user's home directory, a different issue than CVE-2007-1589.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 5 |
Exploit-Db
| description | TrueCrypt 4.3 Privilege Escalation Exploit (CVE-2007-1738). CVE-2007-1738. Local exploit for windows platform |
| id | EDB-ID:3664 |
| last seen | 2016-01-31 |
| modified | 2007-04-04 |
| published | 2007-04-04 |
| reporter | Marco Ivaldi |
| source | https://www.exploit-db.com/download/3664/ |
| title | TrueCrypt 4.3 - Privilege Escalation Exploit |
Seebug
bulletinFamily exploit description No description provided by source. id SSV:6613 last seen 2017-11-19 modified 2007-04-10 published 2007-04-10 reporter Root source https://www.seebug.org/vuldb/ssvid-6613 title TrueCrypt <= 4.3 Local Privilege Escalation Exploit (CVE-2007-1738) bulletinFamily exploit description No description provided by source. id SSV:64601 last seen 2017-11-19 modified 2014-07-01 published 2014-07-01 reporter Root source https://www.seebug.org/vuldb/ssvid-64601 title TrueCrypt 4.3 - Privilege Escalation Exploit
References
- http://secunia.com/advisories/24643
- http://securityreason.com/securityalert/2492
- http://www.securityfocus.com/archive/1/464064/100/0/threaded
- http://www.securityfocus.com/archive/1/464472/100/100/threaded
- http://www.securityfocus.com/archive/1/464722/100/0/threaded
- http://www.securityfocus.com/bid/23180
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33303