Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4151

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2005-4151
Last Modified 05 Sep 2008 04:56:10
Published 10 Dec 2005 06:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2005-4151

Summary

The Wipe Free Space utility in PGP Desktop Home 8.0 and Desktop Professional 9.0.3 Build 2932 and earlier does not clear file slack space in the last cluster for the file, which allows local users to access the previous contents of the disk.

Vulnerable Systems

Application

  • Pgp Desktop 8.0

  • Pgp Desktop 9.0

  • Pgp Desktop 9.0.3 Build 2932


References

BID - 15784

BUGTRAQ - 20051216 Update on the PGP NTFS File Wipe Issue, 16 Dec 2005

BUGTRAQ - 20051211 Status on PGP NTFS File Wipe issue, 11 Dec 2005

BUGTRAQ - 20051209 PGP Wipe Free Space, Lyris ListManager Flaws, Windows Timestamps, Sam Juicer

OSVDB - 21569

SECUNIA - 17827

MISC - http://metasploit.com/research/vulns/pgp_slackspace/

FULLDISC - 20051208 PGP Wipe Free Space, Lyris ListManager Flaws, Windows Timestamps, Sam Juicer


Last Updated: 27 May 2016 10:41:12