TITLE:
EMC Retrospect Client Denial of Service Vulnerability

SECUNIA ADVISORY ID:
SA19097

VERIFY ADVISORY:
http://secunia.com/advisories/19097/

CRITICAL:
Less critical

IMPACT:
DoS

WHERE:
>From local network

SOFTWARE:
EMC Retrospect Client for Windows 7.x
http://secunia.com/product/8531/
EMC Retrospect Client for Windows 6.x
http://secunia.com/product/8530/

DESCRIPTION:
A vulnerability has been reported in EMC Retrospect Client for
Windows, which can be exploited by malicious people to cause a DoS
(Denial of Service).

The vulnerability is caused due to an assertion error in the backup
client and can be exploited to cause it to terminate by sending a
specially crafted packet to port 497/tcp.

The vulnerability affects versions 6.5 and 7.0 for Windows.

SOLUTION:
Update to version 6.5.138 and 7.0.109.
http://www.emcinsignia.com/supportupdates/updates/retrospect/archive/

PROVIDED AND/OR DISCOVERED BY:
Discovered by anonymous person and reported via iDEFENSE.

ORIGINAL ADVISORY:
iDEFENSE:
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=398

EMC Corporation:
http://kb.dantz.com/article.asp?article=8361&p=2

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

----------------------------------------------------------------------