Network Backup Program Patched
Thursday, June 18, 2015 @ 01:06 PM gHale
The network backup utility for Mac, Linux, and Windows, Retrospect, mitigated a password hashing hole where attackers could gain access to a user’s backed-up files.
Only users who employed password protection for their backup files ended up affected by the vulnerability.
A password hash allowed attackers access to the backed-up information. Attackers were able to take advantage of the bad application design. It allowed for weak password hashes to generate only from certain portions of the password strings.
Password hash collision attacks work by generating a hash out of strings until one matches the hash of the real password, this allowed the attacker to authenticate himself on Retrospect clients and access the backup files.
To get in, the attacker would need access to a network Retrospect clients ended up connected to.
The vulnerability detailed in CVE-2015-2864 affects all Retrospect clients. There is a patch for the hole in Retrospect 10.0.2 for Windows, Retrospect Client 10.0.2 for Windows, Retrospect 12.0.2 for Mac, Retrospect Client 12.0.2 for Mac, and Retrospect Client 10.0.2 for Linux.
Considering how only password-protected backup archives ended up affected, Retrospect said clients should use their public key authentication method instead. To go that route, the company set up a page with step-by-step instructions on the company’s support website.