Updated:  March 13, 2009

Status

Affected

Vendor Statement

The supposed vulnerabilities underlined in the advisory have a very low impact in a real computer forensic environment, as explained in the FAQ file http://ptk.dflabs.com/faq.html . Furthermore, they are actually not related to "Unauthenticated users" per se. Instead, it is more correct to use the term " a malicious user already connected to the system", since PTK makes an extensive User Auth Check since its beta version. Finally, all those supposed issues are already fixed in PTK Forensic 1.0.5 version, which has been released jan 23 2009.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.