CVSS: 5.0EPSS: 4%CPEs: 1EXPL: 0CVE-2008-3290
https://notcve.org/view.php?id=CVE-2008-3290
retroclient.exe in EMC Dantz Retrospect Backup Client 7.5.116 allows remote attackers to cause a denial of service (daemon crash) via a series of long packets containing 0x00 characters to TCP port 497 that trigger memory corruption, probably involving an English product version on a Chinese OS version. retroclient.exe en EMC Dantz Retrospect Backup Client 7.5.116 permite a atacantes remotos provocar una denegación de servicio (caída del demonio) mediante una serie de paquetes largos que contienen caracteres 0x00 al puerto TCP 497 que dispara corrupción de memoria, involucrando probablemente una versión de producto inglesa en una versión del sistema operativo china. • http://kb.dantz.com/display/2/articleDirect/index.asp?aid=9692&r=0.5160639 http://secunia.com/advisories/31186 http://securityreason.com/securityalert/4024 http://www.fortiguardcenter.com/advisory/FGA-2008-16.html http://www.securityfocus.com/archive/1/494564/100/0/threaded http://www.securityfocus.com/bid/30306 http://www.vupen.com/english/advisories/2008/2150/references https://exchange.xforce.ibmcloud.com/vulnerabilities/43928 • CWE-399: Resource Management Errors •
CVSS: 5.0EPSS: 3%CPEs: 1EXPL: 0CVE-2008-3287
https://notcve.org/view.php?id=CVE-2008-3287
retroclient.exe in EMC Dantz Retrospect Backup Client 7.5.116 allows remote attackers to cause a denial of service (daemon crash) via malformed packets to TCP port 497, which trigger a NULL pointer dereference. retroclient.exe en EMC Dantz Retrospect Backup Client 7.5.116 permite a atacantes remotos provocar una denegación de servicio (caída del demonio) mediante paquetes TCP mal formados al puerto 497, lo que dispara una referencia a puntero nulo. • http://kb.dantz.com/display/2/articleDirect/index.asp?aid=9692&r=0.5160639 http://secunia.com/advisories/31186 http://securityreason.com/securityalert/4031 http://www.fortiguardcenter.com/advisory/FGA-2008-16.html http://www.securityfocus.com/archive/1/494562/100/0/threaded http://www.securityfocus.com/bid/30313 http://www.vupen.com/english/advisories/2008/2150/references https://exchange.xforce.ibmcloud.com/vulnerabilities/43926 • CWE-20: Improper Input Validation •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2008-3288
https://notcve.org/view.php?id=CVE-2008-3288
The Server Authentication Module in EMC Dantz Retrospect Backup Server 7.5.508 uses a "weak hash algorithm," which makes it easier for context-dependent attackers to recover passwords. El Server Authentication Module de EMC Dantz Retrospect Backup Server 7.5.508 utiliza un "algoritmo hash débil", lo que facilita a atacantes dependientes del contexto recuperar contraseñas. • http://kb.dantz.com/display/2/articleDirect/index.asp?aid=9692&r=0.5160639 http://secunia.com/advisories/31186 http://securityreason.com/securityalert/4026 http://www.fortiguardcenter.com/advisory/FGA-2008-16.html http://www.securityfocus.com/archive/1/494636/100/0/threaded http://www.securityfocus.com/bid/30319 http://www.securitytracker.com/id?1020534 http://www.vupen.com/english/advisories/2008/2150/references https://exchange.xforce.ibmcloud.com/vulnerabilities/43935 • CWE-310: Cryptographic Issues •
CVSS: 7.5EPSS: 84%CPEs: 4EXPL: 0CVE-2006-2391
https://notcve.org/view.php?id=CVE-2006-2391
Buffer overflow in EMC Retrospect Client 5.1 through 7.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet to port 497. • http://kb.dantz.com/display/2n/articleDirect/index.asp?aid=9511 http://secunia.com/advisories/20080 http://securitytracker.com/id?1016063 http://securitytracker.com/id?1016136 http://www.acrossecurity.com/aspr/ASPR-2006-05-17-1-PUB.txt http://www.kb.cert.org/vuls/id/186944 http://www.securityfocus.com/archive/1/434726/100/0/threaded http://www.securityfocus.com/bid/17948 http://www.securityfocus.com/bid/18064 http://www.vupen.com/english/advisories/2006/1766 https& •
CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 0CVE-2006-2154
https://notcve.org/view.php?id=CVE-2006-2154
EMC Retrospect for Windows 6.5 before 6.5.382, 7.0 before 7.0.344, and 7.5 before 7.5.1.105 does not drop privileges before opening files, which allows local users to execute arbitrary code via the File>Open dialog. • http://kb.dantz.com/display/2n/articleDirect/index.asp?aid=9507&r=0.7344324 http://secunia.com/advisories/19850 http://www.securityfocus.com/bid/17798 http://www.vupen.com/english/advisories/2006/1612 https://exchange.xforce.ibmcloud.com/vulnerabilities/26226 •