The Release Notes and Symantec Message Filter version 6.3.0 Patch 231 files

Article:TECH191487  |  Created: 2012-06-22  |  Updated: 2012-07-17  |  Article URL http://www.symantec.com/docs/TECH191487
Article Type
Technical Solution


Issue



This article contains the Release Notes for Symantec Message Filter version 6.3.0 Patch 231 and the patch files.  There are two patch files: one for Windows, called "smf_630_p231_bcc_win.zip", and another one for Linux and Solaris called "smf_630_p231_bcc_linux_sol.tgz".  

Security updates included in this patch are required.


Solution



Patch Release Note 231

Product:    Symantec Message Filter 6.3.0

Platform:   All

Note: Patch 231 contains security updates for Symantec Message Filter 6.3.0 Brightmail Control Center.

 

IMPORTANT:  This patch is ONLY applicable to the Brightmail Control Center of Symantec Message Filter version 6.3.0.

 

Contents of Patch 231

--------------------------------     

  Component: Control Center

  Summary: An unauthenticated user can access versioning information that reveals old software versions of various components installed with the application. This issue has been resolved.

        

  Component: Control Center

  Summary: Control Center is potentially susceptible to Cross-Site Scripting (XSS) and session hijacking caused by the legacy version of Tomcat and the default Tomcat content installed by the application installer. The current way of handling some 4xx requests using default Tomcat pages could also lead to potential XSS issues. This issue has been resolved.

       

  Component: Control Center

  Summary: Control Center is potentially susceptible to Cross-site Request Forgery (CSRF). This issue has been resolved.

 

  Note: For further information on the XSS and CSRF issues in Symantec Message Filter version 6.3.0, please refer to Symantec's security advisory page:

        http://www.symantec.com/security_response/securityupdates/list.jsp?fid=security_advisory

---------------------------------------------------------------------------

 

Installation

============

To install the patch, follow these steps:


UNIX:

Note: This patch requires root access on UNIX platforms.
      This patch requires gtar and gzip to decompress the patch.


1. As the root user, cd to the directory of the LOADPOINT for the Brightmail Control Center.

   To find the LOADPOINT for the Brightmail Control Center on UNIX, execute this command:

   % grep product /var/.com.zerog.registry.xml | grep "Brightmail Control Center"

   The LOADPOINT is the directory value for "location=".

  

2. From the Control Center LOADPOINT, perform the following steps to remove "example" files and other default Tomcat files:

   # rm ./Tomcat/jakarta-tomcat-4.1.27/webapps/admin.xml

   # rm ./Tomcat/jakarta-tomcat-4.1.27/webapps/manager.xml

   # rm -rf ./Tomcat/jakarta-tomcat-4.1.27/webapps/examples


3. Download the patch file to the LOADPOINT.

 

4. Uncompress and expand the tar file.

   Linux:

      # tar zxvf smf_630_p231_bcc_linux_sol.tgz

   Solaris:

      # /usr/sfw/bin/gtar zxfv smf_630_p231_bcc_linux_sol.tgz

 

5. Stop the Brightmail Control Center:

   # /etc/init.d/tomcat4 stop

 

6. As the root user, copy the patch files and overwrite existing files:

   Linux:

      # cp -prb smf_630_p231_ControlCenter/* .

      NOTE: existing files are backed up automatically with ~ attached to the end of file names

    Solaris:

      # cp -r smf_630_p231_ControlCenter/* .

      NOTE: Solaris customers should review the contents of the patch file and back up the relevant existing files from the current installation before copying files from the patch. The following is a list of the updated files in the patch:

            <LOADPOINT>/Tomcat/jakarta-tomcat-4.1.27/webapps/brightmail/login.jsp
            <LOADPOINT>/Tomcat/jakarta-tomcat-4.1.27/webapps/brightmail/bad_request.jsp
            <LOADPOINT>/Tomcat/jakarta-tomcat-4.1.27/webapps/brightmail/settings/settings_administrators_edit.jsp
            <LOADPOINT>/Tomcat/jakarta-tomcat-4.1.27/webapps/brightmail/settings/settings_administrators.jsp
            <LOADPOINT>/Tomcat/jakarta-tomcat-4.1.27/webapps/brightmail/WEB-INF/struts-settings-admin.xml
            <LOADPOINT>/Tomcat/jakarta-tomcat-4.1.27/webapps/brightmail/WEB-INF/web.xml
            <LOADPOINT>/Tomcat/jakarta-tomcat-4.1.27/webapps/brightmail/WEB-INF/classes/brightmailLabelBundle.properties
            <LOADPOINT>/Tomcat/jakarta-tomcat-4.1.27/webapps/brightmail/WEB-INF/classes/com/brightmail/pl/struts/action/LogonAction.class
            <LOADPOINT>/Tomcat/jakarta-tomcat-4.1.27/webapps/brightmail/WEB-INF/classes/com/brightmail/pl/struts/action/settings/AdministratorSettings.class

 

 

7. Clean up Tomcat cache:

   # rm -rf ./Tomcat/jakarta-tomcat-4.1.27/work

  

8. Restart the Brightmail Control Center:

   # /etc/init.d/tomcat4 start


Windows:

 

1. Download the zip file smf_630_p231_bcc_win.zip.

 

2. Open up the zip file in order to view the contents, and back up relevant existing files if desired.

 

3. Locate the LOADPOINT of the Control Center. The default location is

   C:\Program Files\Symantec\SBAS\ControlCenter

 

4. Remove the following content under LOADPOINT:

      Tomcat\jakarta-tomcat-4.1.27\webapps\examples

      Tomcat\jakarta-tomcat-4.1.27\webapps\admin.xml

      Tomcat\jakarta-tomcat-4.1.27\webapps\manager.xml

     

5. Stop the Tomcat service using the Windows Service Control Manager.

 

6. Extract the zip file into the LOADPOINT, preserving the folder structure from the zip file; copy the Tomcat folder from the uncompressed patch directory and overwrite the Tomcat folder under LOADPOINT.

 

7. Start the Tomcat service using the Windows Service Control Manager.


Verification

============

 

Open a new browser, and type the following URLs one at a time:

1. http://<your_ControlCenter_IP>:41080/brightmail/about.jsp

2. http://<your_ControlCenter_IP>:41080/brightmail/try.do

 

Expected results:

1. You are redirected to the user logon page.

2. An error page with the Symantec logo is displayed indicating "Bad Request".
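The following script, added here and not part of Symantec's patch, checks a UNIX LOADPOINT after steps 2, 6 and 7 and applies the two expected results from this Verification section; it assumes curl is installed and that a leftover default Tomcat error page can be recognised by the "Tomcat/4.1" version string.

```shell
# Post-patch checks for the SMF 6.3.0 Patch 231 Control Center procedure. Added
# example, not Symantec's tooling; paths follow the UNIX steps, curl is assumed.
TOMCAT="Tomcat/jakarta-tomcat-4.1.27"
# Steps 2 and 7: default Tomcat content and the work cache must be gone.
# Prints each leftover path; returns 1 if any remain.
leftover_default_content() {  # $1 = LOADPOINT
  lp="$1"; found=0
  for p in webapps/admin.xml webapps/manager.xml webapps/examples work; do
    if [ -e "$lp/$TOMCAT/$p" ]; then echo "LEFTOVER: $lp/$TOMCAT/$p"; found=1; fi
  done
  return $found
}

# Step 6: every file the patch ships (the list in the Solaris note) must exist.
missing_patched_files() {  # $1 = LOADPOINT
  lp="$1"; missing=0
  for f in login.jsp bad_request.jsp settings/settings_administrators_edit.jsp \
      settings/settings_administrators.jsp WEB-INF/struts-settings-admin.xml \
      WEB-INF/web.xml WEB-INF/classes/brightmailLabelBundle.properties \
      WEB-INF/classes/com/brightmail/pl/struts/action/LogonAction.class \
      WEB-INF/classes/com/brightmail/pl/struts/action/settings/AdministratorSettings.class; do
    [ -f "$lp/$TOMCAT/webapps/brightmail/$f" ] || { echo "MISSING: $f"; missing=1; }
  done
  return $missing
}

# Expected result 1: about.jsp must redirect (3xx with a Location header).
about_ok() {  # $1 = HTTP status code, $2 = Location header value
  case "$1" in 30[1237]) [ -n "$2" ] && return 0 ;; esac
  return 1
}

# Expected result 2: try.do must serve the Symantec "Bad Request" page. A body still
# carrying the Tomcat version string (assumed marker "Tomcat/4.1") is the default
# Tomcat error page, i.e. the version disclosure this patch removes.
bad_request_ok() {  # $1 = response body
  case "$1" in *Tomcat/4.1*) return 1 ;; *"Bad Request"*) return 0 ;; esac
  return 1
}

# Live check of a Control Center, port 41080 as in the Verification section.
verify_http() {  # $1 = Control Center IP or hostname
  base="http://$1:41080/brightmail"
  hdr=$(curl -s -o /dev/null -D - "$base/about.jsp")
  code=$(printf '%s\n' "$hdr" | awk 'NR==1{print $2}')
  loc=$(printf '%s\n' "$hdr" | awk 'tolower($1)=="location:"{print $2}' | tr -d '\r')
  about_ok "$code" "$loc" || { echo "FAIL: about.jsp returned $code"; return 1; }
  bad_request_ok "$(curl -s "$base/try.do")" || { echo "FAIL: try.do"; return 1; }
  echo "PASS: HTTP verification"
}
```

Run `leftover_default_content "$LOADPOINT" && missing_patched_files "$LOADPOINT" && verify_http <your_ControlCenter_IP>` from the LOADPOINT after step 8; any non-zero exit names the file or URL that failed.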

 

Please find the Symantec Message Filter v6.3.0 Patch 231 files below, listed under "Attachments."


Attachments

Symantec Message Filter v6.3.0 Patch 231 for Windows
smf_630_p231_bcc_win.zip (48 kBytes)
Symantec Message Filter v6.3.0 Patch 231 for Linux and Solaris
smf_630_p231_bcc_linux_sol.tgz (40 kBytes)



