Overview
ATA interface software, including multiple system board BIOS implementations do not adequately manage the ATA hard drive security mode. An attacker may be able to manipulate this situation to completely lock a hard drive resulting in an almost unrecoverable denial-of-service condition
Description
ATA compliant devices may include the ability to a 32 byte password to prevent data on a device from being disclosed to unauthorized parties. Once set, the password must be entered via the ATA interface software at boot time or the drive will lock itself. When a system is booted the ATA compliant drive should validate the password, if it has been set. Next, the ATA interface software should issue the SECURITY FREEZE LOCK command to prevent changes to the password until the system is rebooted. Please note that if the security features are supported by a ATA compliant drive, they are inactive until a password is set with the SECURITY SET PASSWORD command. Many different system components may have the ability to issue ATA commands, including the system board BIOS, add-in cards, operating system drivers, and software utilities. However, if a system does not properly handle the ATA security features, then it is likely that that system does not issue the SECURITY FREEZE LOCK command. If an attacker can gain the privileges needed to issue ATA commands on a system, and that system does not issue the SECURITY FREEZE LOCK command, that attacker may be able to arbitrarily set the password for that drive. Once the password is set, the next time the system is rebooted the system's drive will remain in a locked state until the password is provided. A locked hard drive will ignore commands such as those used to read, write, or erase data. This results in a complete denial-of-service condition. |
Impact
If an attacker can change the ATA password on an ATA device, that attacker can completely lock the device, making all the data on the device inaccessible. |
Solution
Upgrade ATA Software |
Vendor Information
Check Point Software Technologies Not Affected
Notified: August 18, 2005 Updated: October 25, 2005
Statement Date: October 25, 2005
Status
Not Affected
Vendor Statement
Check Point products are not affected by this issue.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Hitachi Not Affected
Notified: August 18, 2005 Updated: October 13, 2005
Statement Date: October 13, 2005
Status
Not Affected
Vendor Statement
Hitachi notebook PCs and desktop PCs are not affected to this issue.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
NextHop Technologies, Inc. Not Affected
Notified: August 18, 2005 Updated: October 18, 2005
Statement Date: October 18, 2005
Status
Not Affected
Vendor Statement
As NextHop does neither ship, nor manages, ATA devices, our code is not susceptible to this vulnerability.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
OpenBSD Not Affected
Notified: August 18, 2005 Updated: June 21, 2012
Status
Not Affected
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Vendor References
3com, Inc. Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
AMI Unknown
Updated: June 08, 2005
Statement Date: June 08, 2005
Status
Unknown
Vendor Statement
AMI has a patch for this vunerability available to customers, which is integrated into our next core update for AMIBIOS8. Future products will continue to be tested against this issue.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
AT&T Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Alcatel Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
American Megatrends Incorporated (AMI) Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Apple Computer, Inc. Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Avaya, Inc. Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Avici Systems, Inc. Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Charlotte's Web Networks Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Chiaro Networks, Inc. Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Cisco Systems, Inc. Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Conectiva Inc. Unknown
Notified: October 24, 2005 Updated: October 24, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Cray Inc. Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
D-Link Systems, Inc. Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Data Connection, Ltd. Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Debian Linux Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
EMC, Inc. (formerly Data General Corporation) Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Engarde Secure Linux Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Extreme Networks Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
F5 Networks, Inc. Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Fedora Project Unknown
Notified: October 07, 2005 Updated: October 07, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Force10 Networks, Inc. Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Foundry Networks, Inc. Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
FreeBSD, Inc. Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Fujitsu Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Gentoo Linux Unknown
Notified: October 07, 2005 Updated: October 07, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Hewlett-Packard Company Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Hyperchip Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
IBM Corporation Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
IBM Corporation (zseries) Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
IBM eServer Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Immunix Communications, Inc. Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Ingrian Networks, Inc. Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Intel Corporation Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Juniper Networks, Inc. Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Lucent Technologies Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Luminous Networks Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Mandriva, Inc. Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Mandriva, Inc. Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Microsoft Corporation Unknown
Updated: September 22, 2005
Statement Date: May 24, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
MontaVista Software, Inc. Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Motorola, Inc. Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Multinet (owned Process Software Corporation) Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Multitech, Inc. Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
NEC Corporation Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
NetBSD Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Network Appliance, Inc. Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Nortel Networks, Inc. Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Novell, Inc. Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Openwall GNU/*/Linux Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Phoenix Technologies Ltd. Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
QNX, Software Systems, Inc. Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Red Hat, Inc. Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Redback Networks, Inc. Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Ricoh Corporation Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Riverstone Networks, Inc. Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
SUSE Linux Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Seagate Technology LLC Unknown
Notified: August 11, 2005 Updated: August 11, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Sequent Computer Systems, Inc. Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Silicon Graphics, Inc. Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Slackware Linux Inc. Unknown
Notified: October 07, 2005 Updated: October 07, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Sony Corporation Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Sun Microsystems, Inc. Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
The SCO Group Unknown
Notified: October 24, 2005 Updated: October 24, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
The SCO Group (SCO Linux) Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
The SCO Group (SCO Unix) Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Trustix Secure Linux Unknown
Notified: October 07, 2005 Updated: October 07, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Turbolinux Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
UNISYS Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Ubuntu Unknown
Notified: October 07, 2005 Updated: October 07, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Wind River Systems, Inc. Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
ZyXEL Unknown
Notified: August 18, 2005 Updated: August 18, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
CVSS Metrics
Group | Score | Vector |
---|---|---|
Base | 4.7 | AV:L/AC:M/Au:N/C:N/I:N/A:C |
Temporal | 3.8 | E:POC/RL:TF/RC:C |
Environmental | 2.9 | CDP:ND/TD:M/CR:ND/IR:H/AR:ND |
References
- http://www.heise.de/artikel-archiv/ct/2005/08/172
- http://www.heise.de/ct/english/05/08/172/
- http://www.freerepublic.com/focus/f-chat/1376364/posts
- http://lists.freebsd.org/pipermail/freebsd-hackers/2005-April/011318.html
- http://forums.macnn.com/90/mac-os-x/257495/major-ata-security-risk-apple-computers/
- http://www.openbsd.org/cgi-bin/cvsweb/src/sys/dev/ata/wd.c#rev1.43
Acknowledgements
This issue was published in an article in c't. Thanks also to Seagate for expert advice.
This document was written by Jeff Gennari.
Other Information
CVE IDs: | None |
Severity Metric: | 2.25 |
Date Public: | 2005-04-02 |
Date First Published: | 2012-06-21 |
Date Last Updated: | 2012-06-21 19:46 UTC |
Document Revision: | 72 |