lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20070727072532.15574.qmail@securityfocus.com>
Date: 27 Jul 2007 07:25:32 -0000
From: announce@...akpointsecurity.net
To: bugtraq@...urityfocus.com
Subject: Breakpoint Security: Encase Pre-Advisory

Breakpoint Security Advisory

Affected Vendor:

Guidance Software

Affected Products:

Encase 5.0 and possibly other version

Background:

    With Encase's recent response to the iSec's security report and their ability to both market their product while at the same time minimizing their products issues, Breakpoint Security decided to advise Encase to take their software's assurance a bit more serious.  In the course of 6 hours researchers from Breakpoint Security conducted not so intensive tests of about 10 scenarios utilizing specialized proprietary software like dd, xxd and ultraedit. 
    As a result of this testing regimen, Breakpoint Security was able to identify multiple bugs in Encase.  All the testing done OBVIOUSLY involved intentionally corrupted files. We contend that any issues found in software written for forensic purposes must not fall victim to possibly infected images.  While this problem may simply postpone an investigation, other more critical issues could result in more intrusive actions.

 

Vulnerability Details:

Vulnerability details will be disclosed at a later date. The vulnerability resides in Encase's file system parsing. The malicious user can force encase into an infinite recursion loop, exhausting the stack.

 

Credit:

Breakpoint Security Research Team http://www.breakpointsecurity.net/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ