DFLabs Information for VU#845747
PTK contains multiple vulnerabilities
- Vendor Information Help Date Notified:
- Statement Date:
- Date Updated: 13 Mar 2009
The supposed vulnerabilities underlined in the advisory have a very low impact in a real computer forensic environment, as explained in the FAQ file http://ptk.dflabs.com/faq.html . Furthermore, they are actually not related to "Unauthenticated users" per se. Instead, it is more correct to use the term " a malicious user already connected to the system", since PTK makes an extensive User Auth Check since its beta version. Finally, all those supposed issues are already fixed in PTK Forensic 1.0.5 version, which has been released jan 23 2009.
The vendor has not provided us with any further information regarding this vulnerability.
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.