Security fix for VERITAS Cluster Server 3.5 (all versions) on Solaris - Symantec Security Advisory SYM05-023
| Article:TECH44572 | | | Created: 2005-01-28 | | | Updated: 2005-01-16 | | | Article URL http://www.symantec.com/docs/TECH44572 |
Problem
Security fix for VERITAS Cluster Server 3.5 (all versions) on Solaris - Symantec Security Advisory SYM05-023
Solution
This patch
resolves a buffer overflow vulnerability in VERITAS Cluster Server 3.5 for
Solaris.
This patch can
be applied to 3.5 MP4 (VERITAS Cluster Server 3.5 patch level 5) only. All other
3.5 versions must first be upgraded to 3.5 MP4 before applying this
patch: http://support.veritas.com/docs/278582
All versions of
VERITAS Cluster Server 3.5 on Solaris are affected and should be upgraded to MP4
and this patch applied. For further information on this vulnerability, refer
to http://support.veritas.com/docs/279870
which also contains links to patches for other platforms and versions.
This patch also
contains a number of fixes for incidents not related to security (see below).
Refer to the
information included in the patch file for installation instructions
Attachments
|
|
| Source | ETrack |
| Value | 284786 |
| Description | When server returns ECONREFUSED, commands running on localhost should retry before exit. |
| Source | ETrack |
| Value | 312812 |
| Description | Modify halog for UTF8 encoding. |
| Source | ETrack |
| Value | 322217 |
| Description | Removed unnecessary 'sync' call from hacf. |
| Source | ETrack |
| Value | 368367 |
| Description | Modify ha commands to show output when debug log tag is set. |
| Source | ETrack |
| Value | 426545 |
| Description | Add engine check for username password length. |
| Source | ETrack |
| Value | 426548 |
| Description | Packaging changes to remove root suid in some binaries. |
Related Articles
Legacy ID
279917
Article URL http://www.symantec.com/docs/TECH44572
Terms of use for this information are found in Legal Notices
Thank you.