Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2183

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2006-2183
Last Modified 07 Mar 2011 09:35:30
Published 04 May 2006 08:38:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2006-2183

Summary

Untrusted search path vulnerability in Truecrypt 4.1, when running suid root on Linux, allows local users to execute arbitrary commands and gain privileges via a modified PATH environment variable that references a malicious mount command.

Vulnerable Systems

Application

  • Truecrypt Foundation Truecrypt 4.1


References

MISC - http://www.truecrypt.org/history.php

OSVDB - 25131

SECUNIA - 19903

VUPEN - ADV-2006-1591

MLIST - [Dailydave] 20060430 Non disclosure from security vendors: Truecrypt exemple

XF - truecrypt-execvp-gain-privileges(26191)


Last Updated: 27 May 2016 10:42:22