CVE-2015-2864

Sažetak

Retrospect and Retrospect Client before 10.0.2.119 on Windows, before 12.0.2.116 on OS X, and before 10.0.2.104 on Linux improperly generate password hashes, which makes it easier for remote attackers to bypass authentication and obtain access to backup files by leveraging a collision.

Reference

http://www.kb.cert.org/vuls/id/101500
http://www.retrospect.com/support/kb/cve_2015_2864
http://www.securityfocus.com/bid/75201
http://www.securitytracker.com/id/1033948
https://www.youtube.com/watch?v=MB8AL5u7JCA

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

07-12-2016 - 18:10

Objavljeno

21-09-2015 - 10:59