Sebastian Muiz

**Name of the Vulnerable Software and Affected Versions** Timbuktu Pro versions 8.6.5 for Windows, and possibly 8.7 for Mac OS X **Description** The issue allows remote attackers to generate crafted log entries by modifying certain fields, including `computer name`, `user name`, and `IP address`, potentially avoiding detection of attacks. This is due to the lack of input validation before logging information fields taken from packets from a remote peer. **Recommendations** For Timbuktu Pro version 8.6.5 on Windows, consider implementing input validation for log information fields to prevent crafted log entries. For Timbuktu Pro version 8.7 on Mac OS X, if affected, apply the same input validation measures as for the Windows version to mitigate the risk.