Special Pack NB_50_5S2_M.winnt.IA64.exe provides security-related fixes for VERITAS NetBackup (tm) Enterprise Server / Server 5.0 on Windows XP/2003 64 bit clients.

Article:TECH44729  |  Created: 2005-01-08  |  Updated: 2006-01-09  |  Article URL http://www.symantec.com/docs/TECH44729
Article Type
Technical Solution

Product(s)

Environment

Issue



Special Pack NB_50_5S2_M.winnt.IA64.exe provides security-related fixes for VERITAS NetBackup (tm) Enterprise Server / Server 5.0 on Windows XP/2003 64 bit clients.

Solution



 NB 5.0GA Pack NB_50_5S2_M README                                November 7, 2005
================================================================================
This Maintenance Pack provides fixes to the VERITAS NetBackup Windows 64 bit  
client.

** THIS MAINTENANCE PACK  MUST BE INSTALLED OVER THE NETBACKUP 5.0GA PACK
NB_50_5_M MAINTENANCE PACK.  ANY ATTEMPT TO INSTALL THIS PACK OVER AN EARLIER
VERSION OF NETBACKUP 5.0 WILL RESULT IN A FAILED INSTALL.

(Please refer to the PACK DEPENDENCIES and the RELATED DOCUMENTS sections of
this Readme for additional information that applies to this pack.)

Symantec recommends that the backing up of active file systems be avoided,  
or the use of snapshot technologies be implemented. The directory structure  
reported back from the file system (to NetBackup) may not contain all of the  
files available during the time of backup. NetBackup will not report errors  
in many cases where the file's existence is not known to NetBackup as reported  
by the file system.


=================
PACK DEPENDENCIES
=================

    -- NETBACKUP 5.0GA PACK NB_50_5_M must be installed prior to  
       installing this Maintenance Pack.

    -- For the latest robotics support please also download and install the  
       latest Mappings_5.0.<6 digit number>.zip from the Support Web site:
       www.support.veritas.com.


I.    DOWNLOAD INSTRUCTIONS
II.   INSTALLATION INSTRUCTIONS
III.  UNINSTALL INSTRUCTIONS
IV.   DESCRIPTION OF PROBLEMS FIXED
        Current Pack


=========================
I. DOWNLOAD INSTRUCTIONS
=========================
This is an update to NetBackup/Media Manager products
with the latest fixes for Windows NT NetBackup servers.

Download instructions:
1) NB_50_5S2_M.winnt.IA64_<6 digit number>.exe file
  into a temporary directory.

  where <6 digit number> is an internal tracking identifier

2) Extract the NB_50_5S2_M.winnt.IA64_<6 digit number>.exe
  by double-clicking on it.

       This will create a number of files that include:
       README.NT
       and
       Setup.exe



===============================
II. INSTALLATION INSTRUCTIONS
===============================
NOTE: For Maintenance Pack installation on Microsoft Cluster Environment:

1) Install this Maintenance Pack on the inactive node(s) of the cluster  
  (follow steps 1-4 below)

2) Use the MSCS move group command to 'failover' the server to another node.
  This should be done when the NetBackup system is quiet, i.e. no backups
  or restores running.

3) Install this Maintenance Pack on the newly inactive node of the cluster

4) (Optional) Use the MSCS move group command to 'failover'
  the server back to the original node.

--------------------------------------------------------------------------------

Installation steps:

1) Close all NetBackup Windows.
  Make sure the NetBackup system has no active backups, restores,
  duplications, etc., running. If there are NetBackup activities in process,
  the Maintenance Pack will require a reboot if the file to update is busy.

  If a database client is being used, such as Oracle, ensure that the
  database services are stopped.  Database services can be stopped via the
  ControlPanel -> Services tool.  Repeat this until all databases have been
  stopped. These services must be restarted once the patch is successfully
  installed.

2) Run Setup.exe (Double-click on the icon from File Manager or Explorer or run
  it from the command prompt)

  Setup.exe begins by stopping the appropriate NetBackup Services required for
  the Maintenance Pack installation. Next, it will install the necessary files  
  into their correct locations. Lastly, Setup.exe will restart the appropriate  
  NetBackup services.

3) Examine the <TEMP>.Log file to ensure that no errors took  
  place during the installation.

4) Remove the temporary directory created in the download instructions.

Note: If you are installing the Maintenance Pack using the silent install script,
please review the <TEMP>.Log after the installation is finished,
a reboot maybe required to complete the installation of the Maintenance Pack.  A
search of the log for the key words "in use" will indicate which files were busy
during the installation.



===========================
III. UNINSTALL INSTRUCTIONS
==========================
**Important notice regarding un-installs on Windows**
Only the last Maintenance Pack installed on a Windows system
can be un-installed.  

1) Close all NetBackup Windows.
  Make sure the NetBackup server has no active backups, restores,
  duplications, etc., running. If there are NetBackup activities in process,
  the Maintenance Pack will not install if the file to update is busy.

  If a database client is being used, such as Oracle, ensure that the
  database services are stopped.  Database services can be stopped via the
  ControlPanel -> Services tool.  Repeat this until all databases have been
  stopped. These services must be restarted once the patch is successfully
  installed.

2) Go to <install dir of NetBackup>_Uninstaller.exe and  
  double-click on the executable.

3) Select correct Pack to be uninstalled.

4) Click on Uninstall.
 
5) You may review the trace file  
 (<install dir of NetBackup>_Uninstall.log)  
  to see what files were replaced.


=================================
IV. DESCRIPTION OF PROBLEMS FIXED
=================================
The following are descriptions of the problems fixed.  Please read the entire
document before installing.

A vulnerability has been confirmed in the NetBackup Volume Manager  
daemon.  Please refer to the Current Pack section for more information.


README Conventions:

Description
    Describes a particular problem or feature contained in this Maintenance  
    Pack.

** Description **  
    Describes a problem that can lead to potential data loss. Please  
    read these problem descriptions carefully.

Workaround
    Any available workarounds to a problem are also listed. Workarounds  
    can be used INSTEAD of applying the patch, however, Symantec strongly  
    recommends the "best practice" of being at the latest patch level.

Additional Notes  
    Any additional information regarding this problem or feature is included.


=============  
Current pack  
=============  

================================================================================
Etrack Incident = ET429810 ET494465

Description:  
   A vulnerability has been confirmed in the NetBackup Volume Manager  
   daemon (vmd).  By sending a specially crafted packet to the Volume Manager,
   a stack overflow occurs.  This is caused by improper bounds checking.  
   Exploitation does not require authentication, thereby allowing a remote  
   attacker to take over the system or disrupt the backup capabilities.  
   Further testing and code inspection has revealed that all other  
   NetBackup 5.1 daemons are potentially affected in the same manner.  
   Therefore, any Master Servers, Media Servers, Clients and Console machines
   at this version level are subject to this vulnerability.  However,  
   NetBackup 5.1 database agents are not affected by this issue.
   
   Refer to the Related Document section for more details.  
================================================================================




Attachments

NB_50_5S2_M_280087.winnt.IA64.exe (4.2 MBytes)


Legacy ID



280087


Article URL http://www.symantec.com/docs/TECH44729


Terms of use for this information are found in Legal Notices