21 Jul 15:45
FGA-2008-16: EMC Dantz Retrospect 7 backup Client 7.5.116 NULL-Pointer reference Denial of Service Vulnerability
From: <zhliu <at> fortinet.com>
Subject: FGA-2008-16: EMC Dantz Retrospect 7 backup Client 7.5.116 NULL-Pointer reference Denial of Service Vulnerability
Newsgroups: gmane.comp.security.full-disclosure, gmane.comp.security.bugtraq
Date: 2008-07-21 13:49:25 GMT
Subject: FGA-2008-16: EMC Dantz Retrospect 7 backup Client 7.5.116 NULL-Pointer reference Denial of Service Vulnerability
Newsgroups: gmane.comp.security.full-disclosure, gmane.comp.security.bugtraq
Date: 2008-07-21 13:49:25 GMT
FGA-2008-16: EMC Dantz Retrospect 7 backup Client 7.5.116 NULL-Pointer reference Denial of Service Vulnerability http://www.fortiguardcenter.com/advisory/FGA-2008-16.html July 20, 2008 -- Affected Vendors: EMC -- Affected Products: EMC Dantz Retrospect 7 backup Client 7.5.116 -- Vulnerability Details: There exists vulnerability in EMC's Retrospect Client 7.5.116. which allows remote attackers to cause a Read Access violation, (Client termination and loss of backup service) via malformed packets to TCP port 497, which triggers an assert error. This is a designed error of EMC Dantz: Using a NULL-Pointer reference by mistake. -- Vendor Response: EMC has issued an update to correct this vulnerability: http://www.emcinsignia.com/updates -- Disclosure Timeline: 2008-04-20 - Vulnerability reported to vendor 2008-06-30 - Vendor issued update 2088-07-20 - Coordinated public release of advisory(Continue reading)
RSS Feed