Vulnerability Note VU#821865

CREDANT Mobile Guardian Shield fails to remove credentials from memory

Original Release date: 01 Jun 2007 | Last revised: 01 Jun 2007

Overview

CREDANT Mobile Guardian Shield fails to properly remove credentials from memory, which may allow an attacker to obtain access to the Windows domain and encrypted drive contents.

Description

CREDANT Mobile Guardian (CMG) Shield is a component of Mobile Guardian Enterprise Edition. CMG Shield provides policy-based encryption of specified files. CMG Shield fails to properly clear credentials out of system memory. The default configuration for CMG Shield does not encrypt the Windows pagefile, which means that the credentials may be written to disk. Please see the CREDANT vendor statement below in this vulnerability note for more details.

Impact

An attacker with access to the contents of system memory may be able to retrieve the user's credentials, which can allow access to encrypted files.

Solution

Apply an update

This issue is addressed in CMG Enterprise Edition 5.2.1 SP1, which was released on May 1, 2007. Please see the CREDANT support site to obtain the update. Details for this vulnerability are available in the support post titled "Vulnerability in Credant Mobile Guardian Shield for Windows."

Systems Affected (Learn More)

VendorStatusDate NotifiedDate Updated
CREDANT Technologies, Inc.Affected17 Apr 200701 Jun 2007
If you are a vendor and your product is affected, let us know.

CVSS Metrics (Learn More)

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A N/A

References

Credit

Thanks to Michael Iacovacci for reporting this vulnerability.

This document was written by Will Dormann.

Other Information

  • CVE IDs: CVE-2007-2883
  • Date Public: 24 May 2007
  • Date First Published: 01 Jun 2007
  • Date Last Updated: 01 Jun 2007
  • Severity Metric: 0.49
  • Document Revision: 4

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.