Retrospect Client Malformed Packet DoS

medium Nessus Plugin ID 20996

Synopsis

The remote backup client is susceptible to denial of service attacks.

Description

According to its version number, the installed instance of Retrospect Client for Windows reportedly will stop working if it receives a packet starting with a specially crafted sequence of bytes. An unauthenticated, remote attacker may be able to leverage this flaw to prevent the affected host from being backed up.

Solution

Upgrade to Retrospect Client for Windows version 6.5.138 / 7.0.109 or later.

See Also

https://www.securityfocus.com/archive/1/426652/30/0/threaded

http://www.nessus.org/u?ad9dbb3d

Plugin Details

Severity: Medium

ID: 20996

File Name: retrospect_client_dos.nasl

Version: 1.17

Type: remote

Family: Misc.

Published: 3/3/2006

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 3/2/2006

Reference Information

CVE: CVE-2006-0995

BID: 16933