Quis custodiet ipsos custodes?

Published: 2007-08-08
Last Updated: 2007-08-08 16:05:20 UTC
by Tom Liston (Version: 1)
0 comment(s)

It appears that several forensics tools are seeing a some... ahem... "attention" of late.  Both the commercial tool "Encase" by Guidance Software and the Open Source tool "The Sleuth Kit" saw a slew of CVE's filed yesterday.

Encase:

CVE-2007-4194 (v 5.0)
CVE-2007-4201 (v 6.2 and 6.5)
CVE-2007-4202 (v EEE 6)

The Sleuth Kit (v <2.09):

CVE-2007-4195
CVE-2007-4196
CVE-2007-4197
CVE-2007-4198
CVE-2007-4199
CVE-2007-4200

Issues mainly seem to be in the parsing of various malformed or specially created files/filesystem images.

Keywords:
0 comment(s)

Comments

Diary Archives