Retrospect Client < 6.5.138 / 7.0.109 Malformed Packet DoS

Medium Nessus Network Monitor Plugin ID 3461

Synopsis

The remote backup client is susceptible to denial of service attacks.

Description

According to its version number, the installed instance of Retrospect Client for Windows reportedly will stop working if it receives a packet starting with a specially-crafted sequence of bytes. An unauthenticated remote attacker may be able to leverage this flaw to prevent the affected host from being backed up.

Solution

Upgrade to version 6.5.138, 7.0.109 or higher.

See Also

http://kb.dantz.com/display/2n/articleDirect/index.asp?aid=8361&amp;r=0.5648157

http://www.securityfocus.com/archive/1/426652/30/0/threaded

Plugin Details

Severity: Medium

ID: 3461

File Name: 3461.prm

Family: Generic

Published: 2006/03/06

Modified: 2016/01/21

Nessus ID: 20996

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

CVSSv3

Base Score: 5.3

Temporal Score: 4.6

Vector: CVSS3#AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Temporal Vector: CVSS3#E:U/RL:O/RC:C

Reference Information

CVE: CVE-2006-0995

BID: 16933