TITLE: EMC Retrospect Client Denial of Service Vulnerability SECUNIA ADVISORY ID: SA19097 VERIFY ADVISORY: http://secunia.com/advisories/19097/ CRITICAL: Less critical IMPACT: DoS WHERE: >From local network SOFTWARE: EMC Retrospect Client for Windows 7.x http://secunia.com/product/8531/ EMC Retrospect Client for Windows 6.x http://secunia.com/product/8530/ DESCRIPTION: A vulnerability has been reported in EMC Retrospect Client for Windows, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an assertion error in the backup client and can be exploited to cause it to terminate by sending a specially crafted packet to port 497/tcp. The vulnerability affects versions 6.5 and 7.0 for Windows. SOLUTION: Update to version 6.5.138 and 7.0.109. http://www.emcinsignia.com/supportupdates/updates/retrospect/archive/ PROVIDED AND/OR DISCOVERED BY: Discovered by anonymous person and reported via iDEFENSE. ORIGINAL ADVISORY: iDEFENSE: http://www.idefense.com/intelligence/vulnerabilities/display.php?id=398 EMC Corporation: http://kb.dantz.com/article.asp?article=8361&p=2 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------