[NT] EMC Retrospect Local Privilege Escalation
- From: SecuriTeam <support@xxxxxxxxxxxxxx>
- Date: 1 May 2006 13:15:38 +0200
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion
The SecuriTeam alerts list - Free, Accurate, Independent.
Get your security news from a reliable source.
http://www.securiteam.com/mailinglist.html
- - - - - - - - -
EMC Retrospect Local Privilege Escalation
------------------------------------------------------------------------
SUMMARY
<http://www.emcinsignia.com/products/smb/retroforwin/> EMC Retrospect is
a network backup client designed for small to mid-sized businesses.
There are two privilege escalation vulnerabilities in EMC Retrospect
application.
DETAILS
Vulnerable Systems:
* Retrospect Application for Windows versions 7.5, 7.0 and 6.5 (without
security update installed)
Immune Systems:
* Retrospect Application for Windows versions 7.5.1.105, 7.0.344 and
6.5.382 (check the details below)
EMC Retrospect Application Local Access Vulnerability:
If an unauthorized person gets access to the backup server, they can
launch Retrospect and take advantage of the fact that Retrospect runs with
administrator privileges by using the File>Open command within Retrospect
to run an executable, which will execute with all the privileges of
Retrospect, creating a local security risk.
EMC Retrospect Application Launcher Service Vulnerability:
If an unauthorized user replaces the Retrospect.exe executable with
another application which has the name Retrospect.exe the launcher will
launch it and run it with System account privileges (or whatever is
specified in the RBU).
Fix:
These problems have been resolved in the latest updates to the Retrospect
Application for Windows versions 7.5, 7.0 and 6.5 software. All customers
who use Retrospect Software versions 6.5, 7.0 or 7.5 are encouraged to
download and install the latest Retrospect updates.
Retrospect 7.5 Users:
The above security issues are fixed in Retrospect Driver Update 7.5.1.105.
Users of the Retrospect 7.5 Automatic Updates feature will automatically
be asked if they would like to download and install this update. The above
link can also be used to download the update installer.
Retrospect and Retrospect Express 7.0 Users:
Before you download and install the 7.0.344 Application Security Update to
fix the above issues you must make sure that Retrospect 7.0.326 or
Retrospect Express 7.0.301 or later has already been installed on your
computer.
Retrospect 6.5 and Retrospect Express Users:
Before you download and install the 6.5.382 Application Security Update to
fix thee above issues you must make sure that Retrospect 6.5.350 or
Retrospect Express 6.5.350 has already been installed on your computer.
ADDITIONAL INFORMATION
The information has been provided by
<mailto:securitymailinglists@xxxxxxxxx> securitymailinglists.
The related article can be found at:
<http://kb.dantz.com/article.asp?article=9507&p=2>
http://kb.dantz.com/article.asp?article=9507&p=2
========================================
This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@xxxxxxxxxxxxxx
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@xxxxxxxxxxxxxx
====================
====================
DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.
- Prev by Date: [UNIX] IBM AIX mklvcopy Privilege Escalation
- Next by Date: [NEWS] Cisco VPN 3000 DoS
- Previous by thread: [UNIX] IBM AIX mklvcopy Privilege Escalation
- Next by thread: [NEWS] Cisco VPN 3000 DoS
- Index(es):
Relevant Pages
|
