Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: Truecrypt vulnerability

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Programs

Relating to this vendor:
TrueCrypt Foundation
And, this specific program:
TrueCrypt 7.x

This thread has been marked as locked.
tom_1st Truecrypt vulnerability
Member 22nd Jul, 2010 15:28
Ranking: 12
Posts: 24
User Since: 23rd Jun, 2010
System Score: N/A
Location: DE
1.)
There is a vulnerability in Truecrypt 6.2.1.0. (the authors submitted it to truecrypt "the security hole has been submitted to the maker via the official form on their webpage and a fix will soon be available")

http://www.global-evolution.info/news/?p=550 (unfortunatly only in german)
http://www.global-evolution.info/news/files/truecr...

=> This version should be tagged as 'insecure'

2.)
There is a new Truecrypt Version 7.0
and the truecrypt folks explicitly state that version prior to 7.0 should not be used:
http://www.truecrypt.org/pastversions

=> Versions < 7.0 should be tagged as eol'd

Regards,
ToM

ddmarshall RE: Truecrypt vulnerability
Dedicated Contributor 22nd Jul, 2010 19:52
Score: 1198
Posts: 953
User Since: 8th Nov 2008
System Score: 98%
Location: UK
Thanks for the warning.
I was using 6.3, but I don't usually rush to update TrueCrypt. Some nice enhancements as well.

--
This answer is provided “as-is.” You bear the risk of using it.
Was this reply relevant?
+0
-0
tom_1st RE: Truecrypt vulnerability
Member 23rd Jul, 2010 09:58
Score: 12
Posts: 24
User Since: 23rd Jun 2010
System Score: N/A
Location: DE
Yeah i think so too, especially the hardware-accelerated AES encryption seems nice!

ToM

Was this reply relevant?
+0
-0
tom_1st RE: Truecrypt vulnerability
Member 23rd Jul, 2010 17:37
Score: 12
Posts: 24
User Since: 23rd Jun 2010
System Score: N/A
Location: DE
@Secunia
Will you update PSI & Co accordingly?

Thanks
ToM
Was this reply relevant?
+0
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability