Full Disclosure mailing list archives

Re: Executable installers are vulnerable^WEVIL (case 20): TrueCrypt's installers allow arbitrary (remote) code execution and escalation of privilege

From: Douglas Held <risk () douglasheld net>
Date: Sun, 10 Jan 2016 15:06:54 +0000

Stefan,

I really enjoy your submissions. This is great work.
But how did you expect to get a response from the TrueCrypt developers? I
think it is widely understood they are already pwned.

Regards,
Doug

On Sat, Jan 9, 2016 at 8:00 PM, <fulldisclosure-request () seclists org> wrote:

Send Fulldisclosure mailing list submissions to
        fulldisclosure () seclists org
...


Message: 10
Date: Fri, 8 Jan 2016 14:32:51 +0100
From: "Stefan Kanthak" <stefan.kanthak () nexgo de>
To: <fulldisclosure () seclists org>
Cc: <bugtraq () securityfocus com>
Subject: [FD] Executable installers are vulnerable^WEVIL (case 20):
        TrueCrypt's installers allow arbitrary (remote) code    execution
and
        escalation of privilege
Message-ID: <EC5015EE18864C70831D6F72B4812646@W340>
Content-Type: text/plain;       charset="iso-8859-1"

Hi @ll,

the executable installers "TrueCrypt Setup 7.1a.exe" and
TrueCrypt-7.2.exe load and execute USP10.dll, RichEd20.dll,
....

Timeline:
~~~~~~~~~

2015-12-23    report sent to vendor

              NO ANSWER, not even an acknowledgement of receipt

2016-01-01    reports resent to vendor

              NO ANSWER, not even an acknowledgement of receipt

2016-01-08    report published


------------------------------

Subject: Digest Footer

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Current thread:

Re: Executable installers are vulnerable^WEVIL (case 20): TrueCrypt's installers allow arbitrary (remote) code execution and escalation of privilege Douglas Held (Jan 11)