Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Quis custodiet ipsos custodes? - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Quis custodiet ipsos custodes?

It appears that several forensics tools are seeing a some... ahem... "attention" of late.  Both the commercial tool "Encase" by Guidance Software and the Open Source tool "The Sleuth Kit" saw a slew of CVE's filed yesterday.

Encase:

CVE-2007-4194 (v 5.0)
CVE-2007-4201 (v 6.2 and 6.5)
CVE-2007-4202 (v EEE 6)

The Sleuth Kit (v <2.09):

CVE-2007-4195
CVE-2007-4196
CVE-2007-4197
CVE-2007-4198
CVE-2007-4199
CVE-2007-4200

Issues mainly seem to be in the parsing of various malformed or specially created files/filesystem images.

Tom

160 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!