SecureKit Steganography Carrier File Password Security Bypass Vulnerability
BID:21938
Info
SecureKit Steganography Carrier File Password Security Bypass Vulnerability
| Bugtraq ID: | 21938 |
| Class: | Design Error |
| CVE: | |
| Remote: | No |
| Local: | Yes |
| Published: | Jan 08 2007 12:00AM |
| Updated: | Jan 08 2007 12:00AM |
| Credit: | Adonis and Abed are credited with the discovery of this vulnerability. |
| Vulnerable: |
SecureKit Steganography 1.7.1 SecureKit Steganography 1.8 |
| Not Vulnerable: | |
Discussion
SecureKit Steganography Carrier File Password Security Bypass Vulnerability
SecureKit Stenanography is prone to a security-bypass vulnerability because of a design flaw when encrypting sensitive information.
Successful exploits allow local attackers to bypass the security restriction to obtain sensitive information that may lead to other attacks.
This issue affects versions 1.8 and 1.71; other versions may also be affected.
SecureKit Stenanography is prone to a security-bypass vulnerability because of a design flaw when encrypting sensitive information.
Successful exploits allow local attackers to bypass the security restriction to obtain sensitive information that may lead to other attacks.
This issue affects versions 1.8 and 1.71; other versions may also be affected.
Exploit / POC
SecureKit Steganography Carrier File Password Security Bypass Vulnerability
An attacker can exploit this issue by gaining local interactive access to the computer hosting the vulnerable application.
An attacker can exploit this issue by gaining local interactive access to the computer hosting the vulnerable application.
Solution / Fix
SecureKit Steganography Carrier File Password Security Bypass Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:[email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:[email protected].
References
SecureKit Steganography Carrier File Password Security Bypass Vulnerability
References:
References:
- A Major design Bug in Steganography 1.7.x, 1.8 (latest) (Adonis and Abed )
- SecureKit Stenanography Homepage (SecureKit)