Candidate: CVE-2012-5619
PublicDate: 2014-09-29 22:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5619
 http://www.openwall.com/lists/oss-security/2012/12/04/2
Description:
 The Sleuth Kit (TSK) 4.0.1 does not properly handle "." (dotfile) file
 system entries in FAT file systems and other file systems for which . is
 not a reserved name, which allows local users to hide activities it more
 difficult to conduct forensics activities, as demonstrated by Flame.
Ubuntu-Description:
 It was discovered that The Sleuth Kit did not properly handle certain entires
 in FAT file systems. An attacker could use this vulnerability to mislead an
 analyst and obscure their activities.
Notes:
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=695097
 http://sourceforge.net/tracker/?func=detail&aid=3523019&group_id=55685&atid=477889
Priority: low
Discovered-by:
Assigned-to: mikesalvatore
CVSS: 

Patches_sleuthkit:
upstream_sleuthkit: released
hardy_sleuthkit: ignored (reached end-of-life)
lucid_sleuthkit: ignored (reached end-of-life)
oneiric_sleuthkit: ignored (reached end-of-life)
precise_sleuthkit: ignored (reached end-of-life)
precise/esm_sleuthkit: DNE (precise was needed)
quantal_sleuthkit: ignored (reached end-of-life)
raring_sleuthkit: ignored (reached end-of-life)
saucy_sleuthkit: ignored (reached end-of-life)
trusty_sleuthkit: ignored (reached end-of-life)
trusty/esm_sleuthkit: DNE (trusty was needed)

utopic_sleuthkit: not-affected (4.1.3-2)
vivid_sleuthkit: not-affected (4.1.3-2)
vivid/stable-phone-overlay_sleuthkit: DNE
vivid/ubuntu-core_sleuthkit: DNE
wily_sleuthkit: not-affected (4.1.3-2)
xenial_sleuthkit: not-affected (4.1.3-2)
yakkety_sleuthkit: not-affected (4.1.3-2)
zesty_sleuthkit: not-affected (4.1.3-2)
artful_sleuthkit: not-affected (4.1.3-2)
bionic_sleuthkit: not-affected (4.1.3-2)
cosmic_sleuthkit: not-affected (4.1.3-2)
disco_sleuthkit: not-affected (4.1.3-2)
devel_sleuthkit: not-affected (4.1.3-2)