| VID |
23165 |
| Severity |
30 |
| Port |
497 |
| Protocol |
TCP |
| Class |
Daemon |
| Detailed Description |
The Retrospect backup client, according to its version number, is vulnerable to denial of service attacks. EMC Retrospect is a commercial network backup client. EMC Retrospect versions prior to 7.0.109 and 6.5.138 for Microsoft Windows platforms could allow a remote attacker to cause a denial of service (client termination and loss of backup service). By sending a malformed packet to TCP port 497, a remote attacker could cause the backup client to crash.
* References:
http://kb.dantz.com/display/2n/articleDirect/index.asp?aid=8361&r=0.5648157
http://kb.dantz.com/display/2/articleDirect/index.asp?aid=8361&r=0.1231043
http://www.securityfocus.com/archive/1/426652/30/0/threaded
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=398
http://secunia.com/advisories/19097/
* Platforms Affected:
EMC Retrospect Client for Windows versions prior to 6.5.138
EMC Retrospect Client for Windows versions prior to 7.0.109
Microsoft Windows Any version |
| Recommendation |
Upgrade to the latest version of Retrospect Client for Windows (6.5.138 or 7.0.109 or later), as listed in EMC Knowledge Base Article 8361 at http://kb.dantz.com/display/2/articleDirect/index.asp?aid=8361&r=0.1231043 |
| Related URL |
CVE-2006-0995 (CVE) |
| Related URL |
16933 (SecurityFocus) |
| Related URL |
25143 (ISS) |
|
