CVE-2010-0225 Information
Description
SanDisk Cruzer Enterprise USB flash drives use a fixed 256-bit key for obtaining access to the cleartext drive contents which makes it easier for physically proximate attackers to read or modify data by determining and providing this key.
Reference
http://blogs.zdnet.com/hardware/?p=6655 http://it.slashdot.org/story/10/01/05/1734242/ http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html http://www.sandisk.com/business-solutions/enterprise/technical-support/security-bulletin-december-2009 http://www.securityfocus.com/bid/37677 http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_SanDisk_USB-Stick.pdf http://www.syss.de/index.php?id=108&tx_ttnews[tt_news]=528&cHash=8d16fa63d9 http://www.vupen.com/english/advisories/2010/0078 https://www.ironkey.com/usb-flash-drive-flaw-exposed
Share on: