{"vuid":"VU#500963","idnumber":"500963","name":"Motorola Good Mobile Messaging insecure file deletion","keywords":["Good Mobile Messaging","storage card encryption","GMDISK.DSK"],"overview":"When formating removable storage cards, Motorola Good Mobile Messaging products may not properly delete old data.","clean_desc":"Motorola Good Mobile Messaging products can create encrypted containers on removable media storage cards. During the process of creating the container old information on storage card may not be properly deleted.","impact":"Private information may remain on the storage card. If the card is lost, stolen, or redistributed the information could be obtained by a third party.","resolution":"We are currently unaware of a practical solution to this problem.","workarounds":"Securely wipe storage cards Administrators should use a data deletion tool that fills storage cards with data (overwriting private information) prior to using the cards in Good Mobile products. A similar process should be used when disposing or redistributing the cards.","sysaffected":"","thanks":"Thanks to \nMichael J. Iacovacci for reporting this vulnerability.","author":"This document was written by Ryan Giobbi.","public":["http://www.good.com/corp/index.php","http://www.sysresccd.org/Sysresccd-manual-en_Secure_Deletion_of_Data","http://en.wikipedia.org/wiki/Data_remanence#Specific_methods"],"cveids":[""],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2008-03-24T13:09:58Z","publicdate":"2008-03-24T00:00:00Z","datefirstpublished":"2008-05-28T23:45:18Z","dateupdated":"2008-05-29T11:37:45Z","revision":14,"vrda_d1_directreport":"1","vrda_d1_population":"2","vrda_d1_impact":"2","cam_widelyknown":"5","cam_exploitation":"0","cam_internetinfrastructure":"0","cam_population":"1","cam_impact":"10","cam_easeofexploitation":"20","cam_attackeraccessrequired":"5","cam_scorecurrent":"0.09375","cam_scorecurrentwidelyknown":"0.375","cam_scorecurrentwidelyknownexploited":"0.75","ipprotocol":"","cvss_accessvector":"--","cvss_accesscomplexity":"--","cvss_authentication":null,"cvss_confidentialityimpact":"--","cvss_integrityimpact":"--","cvss_availabilityimpact":"--","cvss_exploitablity":null,"cvss_remediationlevel":"ND","cvss_reportconfidence":"ND","cvss_collateraldamagepotential":"ND","cvss_targetdistribution":"ND","cvss_securityrequirementscr":"ND","cvss_securityrequirementsir":"ND","cvss_securityrequirementsar":"ND","cvss_basescore":"0","cvss_basevector":"AV:--/AC:--/Au:--/C:--/I:--/A:--","cvss_temporalscore":"0","cvss_environmentalscore":"0","cvss_environmentalvector":"CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND","metric":0.09375,"vulnote":null}