Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:26692
HistoryJul 26, 2011 - 12:00 a.m.

Securstar - DriveCrypt - Local Kernel Denial of Service/Memory Disclosure/Privilege Escalation

2011-07-2600:00:00
vulners.com
16
JSON

===============================ADVISORY===============================
Advisory: Securstar - DriveCrypt - Local Kernel
Denial of Service/Memory Disclosure/Privilege Escalation
Advisory ID: DSEC-2011-0001
Author: Neil Kettle, Digit Security Ltd
Affected Software: Securstar DriveCrypt
Vendor URL: http://www.securstar.com
Vendor Status: 'patched'
Category: Denial of Service/Memory Disclosure/Privilege
Escalation
Date Reported: 2009/12/07
Last Modified: 2011/07/20
Release Date: 2011/07/20
===============================ADVISORY===============================

Description

Multiple vulnerabilities have been discovered in Securstar DriveCrypt kernel
drivers, the vulnerabilities exist due to several somewhat systemic issues in
the validation of user-supplied pointers and trust thereof, use of user-supplied
parameters to privileged kernel functionality and finally, the lack of bounds
checking in unbounded copy operations resulting in buffer overflows.

Analysis

Numerous vulnerabilities exists due to a complete lack of validation of user-
supplied pointers contained within structures passed as arguments to the IOCTL
interface exported from the globally accessible "\\.\DCR" device.

Exploitation

An exploit will be made available to the public in due course at the
following URL,

http://www.digit-labs.org/
http://www.digit-security.com/research.php

Technologies Affected

Securstar - DriveCrypt (<= 5.2)

Vendor Response

http://www.securstar.com/press.php?id_press=405

Disclosure Timeline

7th December 2009 - Vendor Disclosure
10th June 2011 - Vendor Releases Patches

Credits

Neil Kettle of Digit Security Ltd

About Digit Security Ltd

Digit Security is a computer security consultancy based in the United
Kingdom, albeit with a slight difference. The company is a co-operatively
controlled entity comprised of professionals who are experts in their
respective fields. Thus, as a corollary, nearly everyone at Digit Security
is a both a Consultant, Developer and a Director.

Web: www.digit-security.com
Email: [email protected]

JSON