EMC Retrospect Weak Hash Algorithm Insecure Password Weakness
BID:30319
Info
EMC Retrospect Weak Hash Algorithm Insecure Password Weakness
| Bugtraq ID: | 30319 |
| Class: | Design Error |
| CVE: |
CVE-2008-3288 |
| Remote: | Yes |
| Local: | No |
| Published: | Jul 21 2008 12:00AM |
| Updated: | May 07 2015 05:25PM |
| Credit: | Zhenhua Liu of Fortinet's FortiGuard Global Security Research Team |
| Vulnerable: |
EMC Retrospect for Windows 7.5.508 |
| Not Vulnerable: |
EMC Retrospect for Windows 7.6 |
Discussion
EMC Retrospect Weak Hash Algorithm Insecure Password Weakness
EMC Retrospect is prone to an insecure password-hash weakness.
Attackers can exploi this issue in conjunction with other latent vulnerabilities to gain unauthorized access to the affected application.
EMC Retrospect is prone to an insecure password-hash weakness.
Attackers can exploi this issue in conjunction with other latent vulnerabilities to gain unauthorized access to the affected application.
Exploit / POC
EMC Retrospect Weak Hash Algorithm Insecure Password Weakness
Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
EMC Retrospect Weak Hash Algorithm Insecure Password Weakness
Solution:
The vendor has released fixes. Please see the references for more information.
EMC Retrospect for Windows 7.5.508
Solution:
The vendor has released fixes. Please see the references for more information.
EMC Retrospect for Windows 7.5.508
-
EMC Retro-EN_7_6_111.exe
http://download.dantz.com/archives/Retro-EN_7_6_111.exe
References
EMC Retrospect Weak Hash Algorithm Insecure Password Weakness
References:
References: