CVE-2001-1345

Name of the Vulnerable Software and Affected Versions Jetico BestCrypt version 0.7 and earlier

Description The issue allows local users to gain privileges by modifying the PATH to point to a Trojan horse program, due to bctool trusting the user-supplied PATH to find and execute an fsck utility program.

Recommendations For Jetico BestCrypt version 0.7 and earlier, as a temporary workaround, consider restricting the ability of local users to modify the PATH environment variable until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.