Retired: DriveCrypt Incorrect BIOS API Usage Security Vulnerability

DriveCrypt is prone to a security vulnerability that may cause a denial-of-service condition or allow attackers to gain access to plain text passwords.

Local attackers can exploit this issue to gain access to access to sensitive information or cause the affected computer to reboot.

DriveCrypt Plus Pack version 3.9 is vulnerable; other versions may also be affected.

Note: This vulnerability is the same issue described in BID 15751 (Multiple Vendor BIOS Keyboard Buffer Password Persistence Weakness) therefore this BID is being retired.


Privacy Statement
Copyright 2010, SecurityFocus