Mar 17, 2014
TrueCrypt Encryption Software Has Two Critical Flaws: It's CVE-2015-7358: The first vulnerability occurs because the TrueCrypt driver lacks in properly validating the drive letter symbolic link used for mounting volumes. As a result, an attacker can gain access to a running process and get full administrative privileges. True Goodbye: ‘Using TrueCrypt Is Not Secure’ — Krebs on May 29, 2014
Jun 22, 2019
Truecrypt Critical Vulnerability, Patched in Veracrypt, CVE-2015-7358,7359. Close. 552. Posted by. u/kn72. 3 years ago. Archived. Wait, privilege escalation via the TrueCrypt client isn't considered a backdoor? edit oh, backdoor into the volume, not backdoor into the local system.
NVD - CVE-2016-1281
TrueCrypt was an encryption program for data at rest (that is, data stored, for example on your hard drive – as distinct from data in motion, like the contents of the email you send to your friend). For data at rest encryption programs there are, conceptually, three points of vulnerability. Second TrueCrypt Audit Concludes No Backdoors or Serious The vulnerability identified questions whether or not the RNG could indeed be predicted. Green said the TrueCrypt developers, whose identities remain anonymous but run under online alias “ennead” and “syncon”, based the RNG TrueCrpyt makes use of on a 17-year-old design that uses an entropy pool of unpredictable values from various TrueCrypt audit reveals vulnerabilities but no backdoors Apr 16, 2014 Truecrypt : Products and vulnerabilities This page lists vulnerability statistics for all products of Truecrypt. Vulnerability statistics provide a quick overview for security vulnerabilities related to software products of this vendor. You can view products of this vendor or security vulnerabilities related to products of Truecrypt.