Threat Level: green Handler on Duty: Remco Verhoef

SANS ISC: Quis custodiet ipsos custodes? - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Quis custodiet ipsos custodes?

It appears that several forensics tools are seeing a some... ahem... "attention" of late.  Both the commercial tool "Encase" by Guidance Software and the Open Source tool "The Sleuth Kit" saw a slew of CVE's filed yesterday.

Encase:

CVE-2007-4194 (v 5.0)
CVE-2007-4201 (v 6.2 and 6.5)
CVE-2007-4202 (v EEE 6)

The Sleuth Kit (v <2.09):

CVE-2007-4195
CVE-2007-4196
CVE-2007-4197
CVE-2007-4198
CVE-2007-4199
CVE-2007-4200

Issues mainly seem to be in the parsing of various malformed or specially created files/filesystem images.

Tom

160 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!