漏洞信息详情
EMC Dantz Retrospect 客户端 远程缓冲区溢出漏洞
- CNNVD编号:CNNVD-200605-282
- 危害等级: 高危
- CVE编号: CVE-2006-2391
- 漏洞类型: 缓冲区溢出
- 发布时间: 2006-05-15
- 威胁类型: 远程
- 更新时间: 2006-11-30
- 厂 商: emc
- 漏洞来源: Nicolas Pouvesle S...
漏洞简介
EMC Dantz Retrospect是为中小企业设计的备份和灾难恢复系统。
Retrospect客户端软件存在远程缓冲区溢出漏洞,攻击者可以通过向497端口发送畸形报文导致执行任意指令。此漏洞仅影响Retrospect客户端。
漏洞公告
目前厂商还没有提供补丁或者升级程序,建议使用此软件的用户随时关注厂商的主页以获取最新版本: Retrospect Client for Windows 7.5:
http://download.dantz.com/archives/Retro-EN_7_5_116.exe
Retrospect Client for Windows 7.0:
http://download.dantz.com/archives/RetroClient-EN_7_0_112.exe Retrospect Client for Windows 6.5:
> http://download.dantz.com/archives/RetroClient-EN_6_5_140.exe
Retrospect Client for Macintosh 6.1:
http://download.dantz.com/archives/Client_OS_X-6_1_130.dmg Retrospect Client for Macintosh 5.1:
http://download.dantz.com/archives/Classic-Client-EN_5_1_180.sit Retrospect Client for Linux 7.5:
(rpm) - http://download.dantz.com/archives/retroclient-75_linux.rpm
(tar) - http://download.dantz.com/archives/retroclient-75_linux.tar Retrospect Client for Linux 7.0:
(rpm) - http://download.dantz.com/archives/retroclient-70_linux.rpm (tar) - http://download.dantz.com/archives/retroclient-70_linux.tar
Retrospect Client for Linux 6.5:
(rpm) - http://download.dantz.com/archives/retroclient-65_linux.rpm (tar) - http://download.dantz.com/archives/retroclient-65_linux.tar Retrospect Client for Solaris 7.5:
(pkg) - http://download.dantz.com/archives/retroclient-75_solaris.pkg (tar) - http://download.dantz.com/archives/retroclient-75_solaris.tar Retrospect Client for Solaris 7.0:
(pkg) - http://download.dantz.com/archives/retroclient-70_solaris.pkg (tar) - http://download.dantz.com/archives/retroclient-70_solaris.tar Retrospect Client for Solaris 6.5:
(pkg) - http://download.dantz.com/archives/retroclient-65_solaris.pkg
(tar) - http://download.dantz.com/archives/retroclient-65_solaris.tar Retrospect Client for NetWare 1.0:
http://download.dantz.com/archives/Novell-70.zip
参考网址
来源: US-CERT
名称: VU#186944
链接:http://www.kb.cert.org/vuls/id/186944
来源: BID
名称: 17948
链接:http://www.securityfocus.com/bid/17948
来源: VUPEN
名称: ADV-2006-1766
链接:http://www.frsirt.com/english/advisories/2006/1766
来源: SECTRACK
名称: 1016136
链接:http://securitytracker.com/id?1016136
来源: SECTRACK
名称: 1016063
链接:http://securitytracker.com/id?1016063
来源: SECUNIA
名称: 20080
链接:http://secunia.com/advisories/20080
来源: BID
名称: 18064
链接:http://www.securityfocus.com/bid/18064
来源: BUGTRAQ
名称: 20060522 ACROS Security: Buffer Overflow In EMC (previously Dantz) Retroclient Service
链接:http://www.securityfocus.com/archive/1/archive/1/434726/100/0/threaded
来源: MISC
链接:http://www.acrossecurity.com/aspr/ASPR-2006-05-17-1-PUB.txt
来源: kb.dantz.com
链接:http://kb.dantz.com/display/2n/articleDirect/index.asp?aid=9511
来源: XF
名称: retrospect-client-bo(26380)
链接:http://xforce.iss.net/xforce/xfdb/26380
受影响实体
- Emc Retrospect_client:7.0
- Emc Retrospect_client:7.5
- Emc Retrospect_client:5.1
- Emc Retrospect_client:6.5
补丁
暂无
评论