| |||||||||||||||||||
Mageia alert MGASA-2013-0031 (sleuthkit)
MGASA-2013-0031 Date: February 6th, 2013 Affected releases: 2 Media: Core Description: Updated sleuthkit packages fix security vulnerabilities: A security flaw was found in the way the Sleuth Kit (TSK), a collection of UNIX-based command line tools allowing to investigate a computer, performed management of '.' (dotfile) file system entry. An attacker could use this flaw to evade detection by forensic analysis (hide certain files not to be scanned) by renaming the file in question it to be '.' file system entry. The original reports speaks about this attack vector to be present when scanning FAT (File Allocation Table) file system. It is possible though, the flaw to be present on other file systems, which do not reserve usage of '.' entry for special purpose, too. Updated Packages: i586: libtsk3_9-4.0.1-1.mga2.i586.rpm libtsk3-devel-4.0.1-1.mga2.i586.rpm sleuthkit-4.0.1-1.mga2.i586.rpm sleuthkit-debug-4.0.1-1.mga2.i586.rpm x86_64: lib64tsk3_9-4.0.1-1.mga2.x86_64.rpm lib64tsk3-devel-4.0.1-1.mga2.x86_64.rpm sleuthkit-4.0.1-1.mga2.x86_64.rpm sleuthkit-debug-4.0.1-1.mga2.x86_64.rpm SRPMS: sleuthkit-4.0.1-1.mga2.src.rpm References: http://www.openwall.com/lists/oss-security/2012/12/01/2 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5619 https://bugzilla.redhat.com/show_bug.cgi?id=883330 https://bugs.mageia.org/show_bug.cgi?id=8800 https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-... (Log in to post comments)
|
|||||||||||||||||||