CVE-2019-1010065
https://notcve.org/view.php?id=CVE-2019-1010065
The Sleuth Kit 4.6.0 and earlier is affected by: Integer Overflow. The impact is: Opening crafted disk image triggers crash in tsk/fs/hfs_dent.c:237. The component is: Overflow in fls tool used on HFS image. Bug is in tsk/fs/hfs.c file in function hfs_cat_traverse() in lines: 952, 1062. The attack vector is: Victim must open a crafted HFS filesystem image. • https://github.com/sleuthkit/sleuthkit/commit/114cd3d0aac8bd1aeaf4b33840feb0163d342d5b https://issuetracker.google.com/issues/77809383 https://lists.debian.org/debian-lts-announce/2022/06/msg00015.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6VXDAP6SEO3RCDCZITTFGNZGSVPE5CTY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FGWCQIZKTDCJO4YGL5LGPYFNOVU7SJRX • CWE-190: Integer Overflow or Wraparound •
CVE-2018-1000838
https://notcve.org/view.php?id=CVE-2018-1000838
autopsy version <= 4.9.0 contains a XML External Entity (XXE) vulnerability in CaseMetadata XML Parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. This attack appear to be exploitable via Specially crafted CaseMetadata. autopsy, en versiones iguales o anteriores a la 4.9.0, contiene una vulnerabilidad de XEE (XML External Entity) en el analizador de XML CaseMetadata que puede resultar en la divulgación de datos confidenciales, una denegación de servicio (DoS), Server-Side Request Forgery (SSRF) o el escaneo de puertos. Este ataque parece ser explotable mediante un archivo CaseMetadata especialmente manipulado. • https://0dd.zone/2018/10/28/autopsy-XXE https://github.com/sleuthkit/autopsy/issues/4236 • CWE-611: Improper Restriction of XML External Entity Reference •
CVE-2018-19497
https://notcve.org/view.php?id=CVE-2018-19497
In The Sleuth Kit (TSK) through 4.6.4, hfs_cat_traverse in tsk/fs/hfs.c does not properly determine when a key length is too large, which allows attackers to cause a denial of service (SEGV on unknown address with READ memory access in a tsk_getu16 call in hfs_dir_open_meta_cb in tsk/fs/hfs_dent.c). En The Sleuth Kit (TSK) hasta la version 4.6.4, hfs_cat_traverse en tsk/fs/hfs.c no determina correctamente cuando una longitud de clave es demasiado grande, lo que permite a los atacantes causar una denegación de servicio (SEGV en dirección desconocida con acceso de memoria READ en una llamada tsk_getu16 en hfs_dir_open_meta_cb en tsk/fs/hfs_dent.c). • https://github.com/sleuthkit/sleuthkit/commit/bc04aa017c0bd297de8a3b7fc40ffc6ddddbb95d https://github.com/sleuthkit/sleuthkit/pull/1374 https://lists.debian.org/debian-lts-announce/2018/12/msg00008.html https://lists.debian.org/debian-lts-announce/2022/06/msg00015.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZXFYOOMSP7NWRTSO4XXGHXAY3CJNAJ6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NLSVLDQLPGKRHHBPYUXVJJPAID6CYBXD • CWE-125: Out-of-bounds Read •
CVE-2018-11740
https://notcve.org/view.php?id=CVE-2018-11740
An issue was discovered in libtskbase.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function tsk_UTF16toUTF8 in tsk/base/tsk_unicode.c which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service attack. Se ha descubierto un problema en libtskbase.a en The Sleuth Kit (TSK), desde la versión 4.0.2 hasta la 4.6.1. Se ha encontrado una lectura fuera de límites de una región de memoria en la función tsk_UTF16toUTF8 en tsk/base/tsk_unicode.c que podría ser aprovechada por un atacante para revelar información o manipulada para ser leída desde la memoria no mapeada, lo que provocaría una denegación de servicio (DoS). • https://github.com/sleuthkit/sleuthkit/issues/1264 • CWE-125: Out-of-bounds Read •
CVE-2018-11739
https://notcve.org/view.php?id=CVE-2018-11739
An issue was discovered in libtskimg.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function raw_read in tsk/img/raw.c which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service attack. Se ha descubierto un problema en libtskimg.a en The Sleuth Kit (TSK), desde la versión 4.0.2 hasta la 4.6.1. Se ha encontrado una lectura fuera de límites de una región de memoria en la función raw_read en tsk/img/raw.c que podría ser aprovechada por un atacante para revelar información o manipulada para ser leída desde la memoria no mapeada, lo que provocaría una denegación de servicio (DoS). • https://github.com/sleuthkit/sleuthkit/issues/1267 • CWE-125: Out-of-bounds Read •