Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
1 vulnerability by retrospect
CVE-2015-2864 (GCVE-0-2015-2864)
Vulnerability from cvelistv5 – Published: 2015-09-21 10:00 – Updated: 2024-08-06 05:32
VLAI
Summary
Retrospect and Retrospect Client before 10.0.2.119 on Windows, before 12.0.2.116 on OS X, and before 10.0.2.104 on Linux improperly generate password hashes, which makes it easier for remote attackers to bypass authentication and obtain access to backup files by leveraging a collision.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://www.kb.cert.org/vuls/id/101500 | third-party-advisoryx_refsource_CERT-VN |
| http://www.retrospect.com/support/kb/cve_2015_2864 | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/75201 | vdb-entryx_refsource_BID |
| http://www.securitytracker.com/id/1033948 | vdb-entryx_refsource_SECTRACK |
| https://www.youtube.com/watch?v=MB8AL5u7JCA | x_refsource_MISC |
Date Public
2015-06-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:32:19.793Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#101500",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/101500"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.retrospect.com/support/kb/cve_2015_2864"
},
{
"name": "75201",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75201"
},
{
"name": "1033948",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1033948"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.youtube.com/watch?v=MB8AL5u7JCA"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Retrospect and Retrospect Client before 10.0.2.119 on Windows, before 12.0.2.116 on OS X, and before 10.0.2.104 on Linux improperly generate password hashes, which makes it easier for remote attackers to bypass authentication and obtain access to backup files by leveraging a collision."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-05T21:57:02.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#101500",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/101500"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.retrospect.com/support/kb/cve_2015_2864"
},
{
"name": "75201",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75201"
},
{
"name": "1033948",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1033948"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.youtube.com/watch?v=MB8AL5u7JCA"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2015-2864",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Retrospect and Retrospect Client before 10.0.2.119 on Windows, before 12.0.2.116 on OS X, and before 10.0.2.104 on Linux improperly generate password hashes, which makes it easier for remote attackers to bypass authentication and obtain access to backup files by leveraging a collision."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#101500",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/101500"
},
{
"name": "http://www.retrospect.com/support/kb/cve_2015_2864",
"refsource": "CONFIRM",
"url": "http://www.retrospect.com/support/kb/cve_2015_2864"
},
{
"name": "75201",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75201"
},
{
"name": "1033948",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033948"
},
{
"name": "https://www.youtube.com/watch?v=MB8AL5u7JCA",
"refsource": "MISC",
"url": "https://www.youtube.com/watch?v=MB8AL5u7JCA"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2015-2864",
"datePublished": "2015-09-21T10:00:00.000Z",
"dateReserved": "2015-04-03T00:00:00.000Z",
"dateUpdated": "2024-08-06T05:32:19.793Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}