PT-2002-2786 · Microsoft+1 · Ntfs+2
Published
2002-12-31
·
Updated
2024-02-08
·
CVE-2002-2066
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
BestCrypt BCWipe versions 1.0.7 and 2.0 through 2.35.1
Description:
The issue allows attackers to recover sensitive information that was supposed to be deleted because it does not clear Windows alternate data streams attached to files on NTFS file systems.
Recommendations:
For BestCrypt BCWipe version 1.0.7, update to a version that properly clears Windows alternate data streams.
For BestCrypt BCWipe versions 2.0 through 2.35.1, update to a version that properly clears Windows alternate data streams.
As a temporary workaround, consider manually clearing Windows alternate data streams for sensitive files until a patch is available.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Bestcrypt Bcwipe
Ntfs
Windows