Vulnerability Note VU#310057
Guidance EnCase fails to detect more than 25 partitions
Guidance Software's EnCase Forensic can only detect the first 25 partitions on a volume.
Guidance Software's EnCase Forensic is a tool that allows an investigator to acquire and analyze a disk image. EnCase names partitions either c: through z:, with an additional partition named \[.
EnCase Forensic may only detect the first 25 partitions on a volume. The hidden partitions are searchable, but not can not be browsed.
An attacker may be able to hide or obscure data.
Guidance Encase customers should see the Guidance support portal for information about obtaining fixed software.
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Guidance Software, Inc.||Affected||18 Sep 2007||20 Nov 2007|
CVSS Metrics (Learn More)
This report was based on information released by iSec partners.
This document was written by Ryan Giobbi.
- CVE IDs: CVE-2007-4201
- Date Public: 03 Aug 2007
- Date First Published: 09 Nov 2007
- Date Last Updated: 20 Nov 2007
- Severity Metric: 0.85
- Document Revision: 19
If you have feedback, comments, or additional information about this vulnerability, please send us email.