Vulnerabilities > CVE-2007-4196 - Denial Of Service And Buffer Overflow vulnerability in The Sleuth Kit
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL network
brian-carrier
Summary
icat in Brian Carrier The Sleuth Kit (TSK) before 2.09 misinterprets a certain memory location as the holder of a loop iteration count, which allows user-assisted remote attackers to cause a denial of service (long loop) and prevent examination of certain NTFS files via a malformed NTFS image.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
References
- http://sourceforge.net/mailarchive/message.php?msg_name=A19F11EF-13CA-4940-AFF3-9BE08F67EE22%40sleuthkit.org
- http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf
- http://www.securityfocus.com/archive/1/474809/100/0/threaded
- http://www.securityfocus.com/archive/1/475335/100/0/threaded
- http://www.securityfocus.com/bid/25181