SkipNavigation
Home | FAQ | Contact | Privacy Policy
US-CERT
American Flag
  Vulnerability
Notes
Database

Search Vulnerability Notes

Vulnerability Notes Help Information


 
 View Notes By
  Name

ID Number

CVE Name

Date Public

Date Published

Date Updated

Severity Metric
 Other Documents
  Technical Alerts

Technical Bulletins

Alerts

Security Tips

Vulnerability Note VU#845747

PTK contains multiple vulnerabilities

Overview

The PTK sleuthkit interface contains multiple vulnerabilities. If exploited, these vulnerabilities may allow an attacker to gain elevated privileges or conduct XSS attacks.

I. Description

PTK is an interface to the sleuthkit forensic tools that uses Apache, PHP and MySQL. PTK versions 1.0.0 to 1.0.4 contain multiple vulnerabilities. These vulnerabilities may be triggered remotely or during the inspection of local HTML files that are rendered in web browsers.

II. Impact

A remote unauthenticated attacker may be able to execute arbitrary javascript or run commands in the context of the Apache web server.

III. Solution

Upgrade

Users and administrators are encouraged to update to the most recent version of PTK.

Do not connect PTK to untrusted networks

Systems running PTK should not be directly or indirectly (proxies, firewalls, etc) connected to the Internet or other untrusted networks. See the PTK security page for more information about running PTK and best practice network configurations. Note that XSS and other vulnerabilities could be triggered by local files, so this workaround is not likely to be effective in all cases.

Secure web browser configurations

Using secure browser configurations may mitigate these and future vulnerabilities.. See the Securing Your Web Browser document for more information.

Systems Affected

VendorStatusDate NotifiedDate Updated
DFLabsVulnerable2009-03-13

References


http://ptk.dflabs.com/security.html
http://www.cert.org/tech_tips/securing_browser/

Credit

Thanks to Gabriele Zanoni (Secure Network Srl, g.zanoni@securenetwork.it) for reporting this issue, and thanks to DFLabs for providing technical information.

This document was written by Ryan Giobbi.

Other Information

Date Public:2009-03-13
Date First Published:2009-03-13
Date Last Updated:2009-03-13
CERT Advisory: 
CVE-ID(s): 
NVD-ID(s): 
US-CERT Technical Alerts: 
Metric:0.56
Document Revision:51

If you have feedback, comments, or additional information about this vulnerability, please send us email.
 

 
Page Corner Image
Produced 2009 by US-CERT, a government organization
Disclaimers and copyright information
Get Adobe Reader Get Adobe Reader