Retrospect, Inc. Information for VU#101500

Retrospect Backup Client uses weak password hashing

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

Retrospect has released updates addressing these issues.

Windows users should update to version 10.0.2.119 or later.
Mac users should update to version 12.0.2.116 or later.
Linux users should update to version 10.0.2.104 or later.

The public key authentication method used by Retrospect is unaffected by this vulnerability. Retrospect recommends using public key authentication rather than a password and has provided a knowledge base article to guide users through the setup process.

Vendor References

http://www.retrospect.com/support/kb/cve_2015_2864

Addendum

There are no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.