CVSS: 5.0EPSS: 4%CPEs: 1EXPL: 0CVE-2008-3290
https://notcve.org/view.php?id=CVE-2008-3290
retroclient.exe in EMC Dantz Retrospect Backup Client 7.5.116 allows remote attackers to cause a denial of service (daemon crash) via a series of long packets containing 0x00 characters to TCP port 497 that trigger memory corruption, probably involving an English product version on a Chinese OS version. retroclient.exe en EMC Dantz Retrospect Backup Client 7.5.116 permite a atacantes remotos provocar una denegación de servicio (caída del demonio) mediante una serie de paquetes largos que contienen caracteres 0x00 al puerto TCP 497 que dispara corrupción de memoria, involucrando probablemente una versión de producto inglesa en una versión del sistema operativo china. • http://kb.dantz.com/display/2/articleDirect/index.asp?aid=9692&r=0.5160639 http://secunia.com/advisories/31186 http://securityreason.com/securityalert/4024 http://www.fortiguardcenter.com/advisory/FGA-2008-16.html http://www.securityfocus.com/archive/1/494564/100/0/threaded http://www.securityfocus.com/bid/30306 http://www.vupen.com/english/advisories/2008/2150/references https://exchange.xforce.ibmcloud.com/vulnerabilities/43928 • CWE-399: Resource Management Errors •
CVSS: 5.0EPSS: 3%CPEs: 1EXPL: 0CVE-2008-3287
https://notcve.org/view.php?id=CVE-2008-3287
retroclient.exe in EMC Dantz Retrospect Backup Client 7.5.116 allows remote attackers to cause a denial of service (daemon crash) via malformed packets to TCP port 497, which trigger a NULL pointer dereference. retroclient.exe en EMC Dantz Retrospect Backup Client 7.5.116 permite a atacantes remotos provocar una denegación de servicio (caída del demonio) mediante paquetes TCP mal formados al puerto 497, lo que dispara una referencia a puntero nulo. • http://kb.dantz.com/display/2/articleDirect/index.asp?aid=9692&r=0.5160639 http://secunia.com/advisories/31186 http://securityreason.com/securityalert/4031 http://www.fortiguardcenter.com/advisory/FGA-2008-16.html http://www.securityfocus.com/archive/1/494562/100/0/threaded http://www.securityfocus.com/bid/30313 http://www.vupen.com/english/advisories/2008/2150/references https://exchange.xforce.ibmcloud.com/vulnerabilities/43926 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2008-3289
https://notcve.org/view.php?id=CVE-2008-3289
EMC Dantz Retrospect Backup Client 7.5.116 sends the password hash in cleartext at an unspecified point, which allows remote attackers to obtain sensitive information via a crafted packet. EMC Dantz Retrospect Backup Client 7.5.116 envía el hash de la contraseña en texto claro en un punto no especificado, lo que permite a atacantes remotos obtener información sensible mediante un paquete manipulado. • http://kb.dantz.com/display/2/articleDirect/index.asp?aid=9692&r=0.5160639 http://secunia.com/advisories/31186 http://securityreason.com/securityalert/4025 http://www.fortiguardcenter.com/advisory/FGA-2008-16.html http://www.securityfocus.com/archive/1/494560/100/0/threaded http://www.securityfocus.com/bid/30308 http://www.vupen.com/english/advisories/2008/2150/references https://exchange.xforce.ibmcloud.com/vulnerabilities/43930 • CWE-319: Cleartext Transmission of Sensitive Information •