CVE-2015-2864 Information

Description

Retrospect and Retrospect Client before 10.0.2.119 on Windows before 12.0.2.116 on OS X and before 10.0.2.104 on Linux improperly generate password hashes which makes it easier for remote attackers to bypass authentication and obtain access to backup files by leveraging a collision.

Reference

http://www.kb.cert.org/vuls/id/101500 http://www.retrospect.com/support/kb/cve_2015_2864 http://www.securityfocus.com/bid/75201 http://www.securitytracker.com/id/1033948 https://www.youtube.com/watch?v=MB8AL5u7JCA