
Securstar DriveCrypt Denial Of Service / Privilege Escalation

Posted Jul 21, 2011
Authored by Neil Kettle

Securstar DriveCrypt suffers from local kernel denial of service, memory disclosure, and privilege escalation vulnerabilities.

tags | advisory, denial of service, kernel, local, vulnerability
SHA-256 | 06433555ac06a393802719b982d7c7ba91990e26bbafd8a88fcab83f72925f4c

===============================ADVISORY===============================
Advisory:          Securstar - DriveCrypt - Local Kernel
                   Denial of Service/Memory Disclosure/Privilege Escalation
Advisory ID:       DSEC-2011-0001
Author:            Neil Kettle, Digit Security Ltd
Affected Software: Securstar DriveCrypt
Vendor URL:        http://www.securstar.com
Vendor Status:     'patched'
Category:          Denial of Service/Memory Disclosure/Privilege
                   Escalation
Date Reported:     2009/12/07
Last Modified:     2011/07/20
Release Date:      2011/07/20
===============================ADVISORY===============================

Description
-----------
Multiple vulnerabilities have been discovered in the Securstar DriveCrypt kernel
drivers. The vulnerabilities exist due to several somewhat systemic issues: the
validation of user-supplied pointers and the trust placed in them, the use of
user-supplied parameters in privileged kernel functionality and, finally, the
lack of bounds checking in unbounded copy operations, resulting in buffer
overflows.

Analysis
--------
Numerous vulnerabilities exist due to a complete lack of validation of
user-supplied pointers contained within structures passed as arguments to the
IOCTL interface exported from the globally accessible "\\.\DCR" device.
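
An added illustration (not part of the original advisory, and not DriveCrypt
code): a portable C model of the checks a driver has to make before using a
pointer and length embedded in an IOCTL input structure. The request layout,
names, buffer size and address window are all hypothetical; a real Windows
driver would do the range check with ProbeForRead/ProbeForWrite inside
__try/__except.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define OUT_BUF_SIZE 64u   /* fixed kernel-side destination buffer (assumed size) */
enum { REQ_OK = 0, REQ_BAD_POINTER = -1, REQ_TOO_LONG = -2 };

/* Hypothetical request layout; the advisory does not publish the real one. */
typedef struct {
    uint64_t user_ptr;     /* caller-supplied address embedded in the struct */
    uint32_t length;       /* caller-supplied byte count */
} request_t;

/* Model of the user-mode address window [base, base + size). */
typedef struct { uint64_t base, size; const uint8_t *backing; } user_space_t;

/* Range check written with subtractions so addr + len can never wrap. */
static int range_in_user_space(const user_space_t *us, uint64_t addr, uint64_t len)
{
    if (addr < us->base) return 0;
    uint64_t off = addr - us->base;
    return off <= us->size && len <= us->size - off;
}

int handle_request(const user_space_t *us, const request_t *untrusted, uint8_t *out)
{
    /* Capture once: the caller may rewrite the struct between check and use. */
    request_t req = *untrusted;
    if (req.length > OUT_BUF_SIZE)       /* bound the copy by the destination */
        return REQ_TOO_LONG;
    if (!range_in_user_space(us, req.user_ptr, req.length))
        return REQ_BAD_POINTER;          /* kernel, wrapped or unmapped address */
    memcpy(out, us->backing + (req.user_ptr - us->base), req.length);
    return REQ_OK;
}

/* Constructed sample: a 256-byte "user" window at address 0x10000. */
int demo(uint64_t ptr, uint32_t len)
{
    static uint8_t backing[256];
    user_space_t us = { 0x10000u, sizeof backing, backing };
    request_t req = { ptr, len };
    uint8_t out[OUT_BUF_SIZE];
    return handle_request(&us, &req, out);
}

int main(void)
{
    printf("%d %d %d\n", demo(0x10000u, 64), demo(0xFFFFF80000000000ull, 16), demo(0x10000u, 65));
    return 0;
}
```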

Exploitation
------------
An exploit will be made available to the public in due course at the
following URLs:

http://www.digit-labs.org/
http://www.digit-security.com/research.php

Technologies Affected
------------------------------
Securstar - DriveCrypt (<= 5.2)


Vendor Response
------------------------------
http://www.securstar.com/press.php?id_press=405


Disclosure Timeline
------------------------------
7th December 2009 - Vendor Disclosure
10th June 2011 - Vendor Releases Patches


Credits
------------------------------
Neil Kettle of Digit Security Ltd


About Digit Security Ltd
----------------------------------
Digit Security is a computer security consultancy based in the United
Kingdom, albeit with a slight difference. The company is a co-operatively
controlled entity comprised of professionals who are experts in their
respective fields. Thus, as a corollary, nearly everyone at Digit Security
is both a Consultant, a Developer and a Director.

Web: www.digit-security.com
Email: research@digit-security.com
