EMC Retrospect Client Retroclient service buffer overflow
retrospect-client-bo (26380)
Description:
EMC Retrospect Client is vulnerable to a buffer overflow in the Retroclient service. By sending a specially crafted packet to port 497 on a client system, a remote attacker could overflow a buffer and either crash the client or execute arbitrary code on the system.
Consequences:
Gain Access
Remedy:
Refer to EMC Retrospect Knowledgebase Article 9511 for upgrade information. See References.
References:
- ACROS Security Problem Report #2006-05-17-1: Buffer Overflow In Retroclient Service.
- BugTraq Mailing List, Mon May 22 2006 - 11:28:42 CDT: ACROS Security: Buffer Overflow In EMC (previously Dantz) Retroclient Service.
- EMC Retrospect Knowledgebase Article 9511: Retrospect Client Security Vulnerability Fixes.
- BID-17948: EMC Dantz Retrospect Backup Client Remote Buffer Overflow Vulnerability
- BID-18064: EMC Retrospect Client Buffer Overflow Vulnerability
- CVE-2006-2391: Buffer overflow in EMC Retrospect Client 5.1 through 7.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet to port 497.
- SA20080: EMC Retrospect Client Buffer Overflow Vulnerability
- SECTRACK ID: 1016063: EMC Retrospect Client Buffer Overflow Lets Remote Users Execute Arbitrary Code
- SECTRACK ID: 1016136: EMC Retrospect Client Buffer Overflow Lets Remote Users Deny Service
- US-CERT VU#186944: EMC Retrospect Client buffer overflow vulnerability
- VUPEN/ADV-2006-1766: EMC Retrospect Client Packets Handling Remote Buffer Overflow Vulnerability
Platforms Affected:
- EMC Retrospect Client 5.1
- EMC Retrospect Client 6.5
- EMC Retrospect Client 7.0
- EMC Retrospect Client 7.5
Reported:
May 04, 2006
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions, please email xforce@iss.net.
