Truecrypt Foundation: >> Truecrypt >> 4.1 Security Vulnerabilities
TrueCrypt 4.3, when installed setuid root, allows local users to cause a denial of service (filesystem unavailability) or gain privileges by mounting a crafted TrueCrypt volume, as demonstrated using (1) /usr/bin or (2) another user's home directory, a different issue than CVE-2007-1589.
CVSS Score
6.9
EPSS Score
0.002
Published
2007-03-28
TrueCrypt before 4.3, when set-euid mode is used on Linux, allows local users to cause a denial of service (filesystem unavailability) by dismounting a volume mounted by a different user.
CVSS Score
2.1
EPSS Score
0.001
Published
2007-03-21
Untrusted search path vulnerability in Truecrypt 4.1, when running suid root on Linux, allows local users to execute arbitrary commands and gain privileges via a modified PATH environment variable that references a malicious mount command.
CVSS Score
7.2
EPSS Score
0.001
Published
2006-05-04