EMC Retrospect Backup Client Password Hash Information Disclosure Vulnerability
BID:30308
Info
EMC Retrospect Backup Client Password Hash Information Disclosure Vulnerability
| Bugtraq ID: | 30308 |
| Class: | Design Error |
| CVE: |
CVE-2008-3289 |
| Remote: | Yes |
| Local: | No |
| Published: | Jul 21 2008 12:00AM |
| Updated: | May 07 2015 05:27PM |
| Credit: | Zhenhua Liu of Fortinet's FortiGuard Global Security Research Team |
| Vulnerable: |
EMC Retrospect Backup Client for Windows 7.5.116 EMC Retrospect Backup Client for Solaris 7.5.116 EMC Retrospect Backup Client for Red Hat Linux 7.5.116 EMC Retrospect Backup Client for Macintosh 6.1 EMC Retrospect Backup Client 7.5.116 |
| Not Vulnerable: |
EMC Retrospect Backup Client for Windows 7.6.106 EMC Retrospect Backup Client for Solaris 7.6.100 EMC Retrospect Backup Client for Red Hat Linux 7.6.100 EMC Retrospect Backup Client for Macintosh 6.1.130 EMC Retrospect Backup Client 7.6.100 |
Discussion
EMC Retrospect Backup Client Password Hash Information Disclosure Vulnerability
EMC Retrospect Backup Client is prone to an information-disclosure vulnerability.
Exploiting this issue can allow attackers to access password hash data that will aid in further attacks.
Retrospect Backup Client 7.5.116 is vulnerable; other versions may also be affected.
EMC Retrospect Backup Client is prone to an information-disclosure vulnerability.
Exploiting this issue can allow attackers to access password hash data that will aid in further attacks.
Retrospect Backup Client 7.5.116 is vulnerable; other versions may also be affected.
Exploit / POC
EMC Retrospect Backup Client Password Hash Information Disclosure Vulnerability
Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
EMC Retrospect Backup Client Password Hash Information Disclosure Vulnerability
Solution:
The vendor has released fixes. Please see the references for more information.
EMC Retrospect Backup Client for Solaris 7.5.116
EMC Retrospect Backup Client for Red Hat Linux 7.5.116
EMC Retrospect Backup Client for Windows 7.5.116
Solution:
The vendor has released fixes. Please see the references for more information.
EMC Retrospect Backup Client for Solaris 7.5.116
-
EMC Solaris_Client-7_6_100.tar
http://download.dantz.com/archives/Solaris_Client-7_6_100.tar
EMC Retrospect Backup Client for Red Hat Linux 7.5.116
-
EMC Linux_Client-7_6_100.rpm
http://download.dantz.com/archives/Linux_Client-7_6_100.rpm
EMC Retrospect Backup Client for Windows 7.5.116
-
EMC Client-Win-EN-7_6_106.exe
http://download.dantz.com/archives/Client-Win-EN-7_6_106.exe
References
EMC Retrospect Backup Client Password Hash Information Disclosure Vulnerability
References:
References: