DFLabs Information for VU#845747

PTK contains multiple vulnerabilities

Status

Affected

Vendor Statement

The supposed vulnerabilities underlined in the advisory have a very low impact in a real computer forensic environment, as explained in the FAQ file http://ptk.dflabs.com/faq.html . Furthermore, they are actually not related to "Unauthenticated users" per se. Instead, it is more correct to use the term " a malicious user already connected to the system", since PTK makes an extensive User Auth Check since its beta version. Finally, all those supposed issues are already fixed in PTK Forensic 1.0.5 version, which has been released jan 23 2009.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

There are no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.