Intrusion Prevention

EMC.Dantz.Retrospect.Backup.Agent.DoS

Description

This indicates an attack attempt against a Buffer Overflow vulnerability in the EMC Retrospect Backup agent.
The vulnerability is caused by an improper handling of specially crafted packets. A remote attacker may be able to exploit this to execute arbitrary code within the context of the application, via crafted packets.

Affected Products

EMC Retrospect Client for Windows version 6.5
EMC Retrospect Client for Windows version 7.0
EMC Retrospect Client for Windows version 7.5
EMC Retrospect Client for Macintosh version 5.1
EMC Retrospect Client for Macintosh version 6.1
EMC Retrospect Client for Linux version 6.5
EMC Retrospect Client for Linux version 7.0
EMC Retrospect Client for Linux version 7.5
EMC Retrospect Client for Solaris version 6.5
EMC Retrospect Client for Solaris version 7.0
EMC Retrospect Client for Solaris version 7.5
EMC Retrospect Client for NetWare version 1.0

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply patch, available from the web site:
http://kb.dantz.com/article.asp?article=9511&p=2

CVE References

CVE-2006-2391 CVE-2006-0995