VMDg / MountV resources fail to online or probe when the 'Microsoft MS10-066: Vulnerability in remote procedure call could allow remote code execution' security fix is applied

Article:TECH140245  |  Created: 2010-09-17  |  Updated: 2014-01-31  |  Article URL http://www.symantec.com/docs/TECH140245
NOTE: If you are experiencing this particular known issue, we recommend that you Subscribe to receive email notification each time this article is updated. Subscribers will be the first to learn about any releases, status changes, workarounds or decisions made.
Article Type
Technical Solution


Environment

Issue



When one or more of the following Microsoft Security Patches

MS10-066 - Vulnerability in Remote Procedure Call Could Allow Remote Code Execution (KB982802) or

MS10-084 - Vulnerability in Windows Local Procedure Call Could Cause Elevation of Privilege (KB2360937 or KB2849470) or 

MS13-102 - Vulnerability in LRPC Client Could Allow Elevation of Privilege (KB2898715

are installed on Microsoft Windows 2003 SP2 x64 or IA64, the following symptoms can occur:

  • An existing Volume Manager Disk group (VMDg) resource in a Microsoft Cluster Server (MSCS) configuration cannot be brought online.
  • A new VMDG resource in a MSCS configuration cannot be created.
  • An existing VMDg or MountV resource in a Veritas Storage Foundation for Windows High Availability (SFW-HA) configuration cannot be probed.
  • An existing VMDG or MountV resource in a SFW-HA configuration cannot be brought online.
  • An existing VMDG or MountV resource in a SFW-HA configuration cannot be created using any wizards.

 


Error



Examples of errors found within Microsoft Windows, MSCS, SFW, and SFW-HA logs:

MSCS cluster.log:
ERR   [RES] Volume Manager Disk Group <DGResName>: Dg-Guid is Null
ERR   [RES] Volume Manager Disk Group <DGResName>: LDM_RESOnlineThread: can't get dgid
INFO  [RES] Volume Manager Disk Group <DGResName>: LDM_RESOnlineThread: <<< Exiting LDM_RESOnlineThread
 
MSCS GUI popup error when trying to create a Veritas Volume Manager Disk Group resource:
VXRESEXT: a cluster resource failed
 
SFW vxisis log:
5348:cluster: ClusEventThread --- Can't get handle for MSCS resource '<DG Resource Name>' (error 5007).
 
SFW-HA/VCS VMDg_A.txt:
VCS ERROR V-16-10051-9515 VMDg: <diskgroup name>:online:Init diskgroup : Unrecognized error code. 800706C6
VCS DBG_21 V-16-50-0 VMDg: <diskgroup name>:online:Init diskgroup : Unrecognized error code. 800706C6         VMDg.c:VMDg_online[1430]
 
SFW-HA/VCS MountV_A.txt:
VCS DBG_21 V-16-50-0 MountV:<NAME>_MOUNTV:monitor:GetDgVolumeGuid failed. Error: -2147023162    LibVMObj.cpp:VLibVMObj::GetVolGUID[1176]
VCS DBG_21 V-16-50-0 MountV:<NAME>_MOUNTV:monitor:vxVolume open failed MountV.c:MountV_monitor[382]
 
Application Event Log errors:
ERROR       9515(0x05ea252b)             AgentFramework   <server name>       VMDg: <diskgroup name>:online:Init diskgroup : Unrecognized error code. 800706C6 VCS DBG_21 V-16-50-0 VMDg:<diskgroup name>:online:GetDgGuid failed. Error: -2147023162 LibVMObj.cpp:VLibVMObj::GetDgGuidW[1426]

Environment



Microsoft Windows Server 2003 SP2 x64 or IA64 with KB982802, KB2360937, KB2849470 or KB2898715 hotfix installed.
Veritas Storage Foundation for Windows with the Microsoft Cluster Server option 4.3 MP1 x64 or IA64 thru 5.1SP1

Veritas Storage Foundation for Windows High Availability 4.3 MP1 x64 or IA64 thru 5.1SP1

Veritas Cluster Server 4.3 MP1 x64 or IA64 thru 5.1SP1 


Cause



Exception occurs during an RPC request between VxBridge.exe and cluscmd.dll upon applying the MS10-066 or MS10-084 or MS13-102 Security Patch.

 


Solution



Symantec has identified the issue and is addressing the issue with patches specific to installed product listed below. This issue has also been resolved by installing SFW 5.1 SP2 or higher.

 

Please subscribe to this technical article and/or via the Symantec Operations Readiness Tools site (SORT) for updates regarding the issue and additional fixes for additional versions.

 

Please contact Symantec Technical Support for additional questions or concerns regarding this update.

 

Patches are now available for some versions.

 

SFW 5.1 SP1 (64-bit) and SFW 5.1 SP1AP1 (64-bit) - sfw-Hotfix_5_1_10037_585_2147847

https://sort.symantec.com/patch/detail/4373

 

SFW 5.1 AP1 (64-bit)
https://sort.symantec.com/patch/detail/4263

SFW 5.1 GA (64-bit) - sfw-Hotfix.5_1.00058.400.2144064
https://sort.symantec.com/patch/detail/4253

SFW 5.0 RP2 (64-bit) - sfw-win64-5.0.307.326.2147879
https://sort.symantec.com/patch/detail/4160

SFW 5.0 RP1a (64-bit) - sfw-win64-5.0.251.319.2159443

https://sort.symantec.com/patch/detail/4215

 

SFW 5.0 GA (64-bit) - sfw-5.0.57.297.2164117HF

https://sort.symantec.com/patch/detail/4228

 

SFW 4.3 MP2 (64-bit) - sfw-4.3.2055.359.2165203HF

https://sort.symantec.com/patch/detail/4234

 

SFW 4.3 MP1 (64-bit) - sfw-win64-4.3.1067.350.2165003a

https://sort.symantec.com/patch/detail/4207

 

SFW 4.3 GA (64-bit)
This version is not supported on Windows Server 2003 SP2 on any platform so the issue should not be present. If this version is installed on Windows Server 2003 SP2 and is experiencing the issues described in this KB article, please upgrade to a supported version of SFW or SFW-HA that runs on Windows Server 2003 SP2 where a fix is available.

Please use the following URL to check for currently available patches:
https://sort.symantec.com/search  


Supplemental Materials

SourceETrack
Value2147847
Description

5.1 SP1 and 5.1 SP1AP1- Installation of MS Hotfix 982802 RPC vulnerability causes issues with MSCS VMDg resources and SFW-HA MountV resources failing to probe or online.

 


SourceETrack
Value2144064
Description

5.1 GA - Installation of MS Hotfix 982802 RPC vulnerability causes issues with MSCS VMDg resources and SFW-HA MountV resources failing to probe or online.

 


SourceETrack
Value2147879
Description

5.0 RP2 - Installation of MS Hotfix 982802 RPC vulnerability causes issues with MSCS VMDg resources and SFW-HA MountV resources failing to probe or online.

 


SourceETrack
Value2165003
Description

4.3 MP1 - Installation of MS Hotfix 982802 RPC vulnerability causes issues with MSCS VMDg resources and SFW-HA MountV resources failing to probe or online.

 




Article URL http://www.symantec.com/docs/TECH140245


Terms of use for this information are found in Legal Notices