Security Pack NB_45_9S2_M.winnt.intel.exe provides security-related fixes for Veritas NetBackup (tm) DataCenter / BusinesServer 4.5MP Windows NT/2000/2003 server and clients. It also contains security fixes for NetBackup Add-on products and Database Agents.

Article:TECH47032  |  Created: 2006-01-22  |  Updated: 2013-10-23  |  Article URL http://www.symantec.com/docs/TECH47032
Article Type
Technical Solution

Product(s)

Environment

Issue



Security Pack NB_45_9S2_M.winnt.intel.exe provides security-related fixes for Veritas NetBackup (tm) DataCenter / BusinesServer 4.5MP Windows NT/2000/2003 server and clients. It also contains security fixes for NetBackup Add-on products and Database Agents.

Solution



NB 4.5MP6 Pack NB_45_9S2_M README March 23, 2006
================================================================================
** THIS SECURITY PACK MUST BE INSTALLED OVER THE NETBACKUP 4.5FP6 PACK NB_45_9_M
FEATURE PACK. ANY ATTEMPT TO INSTALL THIS PACK OVER AN EARLIER VERSION OF
NETBACKUP 4.5 WILL RESULT IN A FAILED INSTALL.**

This Maintenance Pack provides fixes to the Veritas NetBackup (tm) NT server
and clients. It also contains fixes for NetBackup Add-on products and Database
Agents.

================================================================================



=================
PACK DEPENDENCIES
=================

-- 4.5 MP6 NB_45_9_M must be installed prior to installing this pack.

-- For the latest robotics support please also download and install the
latest Mappings_4.5.<6 digit number>.zip from the support website:
www.support.veritas.com.


I. DOWNLOAD INSTRUCTIONS
II. KNOWN ISSUES
III. INSTALLATION INSTRUCTIONS
IV. UNINSTALL INSTRUCTIONS
V. DESCRIPTION OF PROBLEMS FIXED
Current Pack


=========================
I. DOWNLOAD INSTRUCTIONS
=========================
This is an update to NetBackup/Media Manager products
with the latest fixes for Windows NT NetBackup servers.

Download instructions:
1) Download the NB_45_9S2_M.winnt.intel_<6 digit number>.exe file
into a temporary directory.

where <6 digit number> is an internal tracking identifier

2) Extract the NB_45_9S2_M.winnt.intel_<6 digit number>.exe
by double-clicking on it.

This will create a number of files that include:
README.NT
and
Setup.exe


=================
II. KNOWN ISSUES
=================
There are no known issues with this pack.



===============================
III. INSTALLATION INSTRUCTIONS
===============================
NOTE: For Security Pack installation on Microsoft Cluster Environment:

1) Install this Security Pack on the inactive node(s) of the cluster
(follow steps 1-5 below)

2) Use the MSCS move group command to 'failover' the server to another node.
This should be done when the NetBackup system is quiet, i.e. no backups
or restores running.

3) Install this Security Pack on the newly inactive node of the cluster

4) (Optional) Use the MSCS move group command to 'failover'
the server back to the original node.

--------------------------------------------------------------------------------

Installation steps:

NOTE: If upgrading a NetBackup Windows 4.5 MP8 client to server or
Administration Console, the 4.5 Maintenance Pack must be uninstalled
prior to upgrading to 4.5 server or Administration Console.

1) Close all NetBackup Windows.
Make sure the NetBackup server has no active backups, restores,
duplications, etc., running. If there are NetBackup activities in process,
the Maintenance Pack will not install if the file to update is busy.

If a database client is being used, such as Oracle, ensure that the
database services are stopped. Database services can be stopped via the
ControlPanel -> Services tool. Repeat this until all databases have been
stopped. These services must be restarted once the patch is successfully
installed.

2) Run Setup.exe (Double-click on the icon from File Manager or Explorer or run
it from the command prompt)

Setup.exe begins by stopping the appropriate NetBackup Services required for
the Maintenance Pack installation. Next, it will install the necessary files
into their correct locations. Lastly, Setup.exe will restart the appropriate
NetBackup services.

3) Examine the <install_path>\patch\History.Log file to ensure that no
errors took place during the installation. For example, an error during
Maintenance Pack installation because of a busy file.

4) Remove the temporary directory created in the download instructions.



===========================
IV. UNINSTALL INSTRUCTIONS
===========================
**Important notice regarding un-installs on Windows**
Only the last Maintenance Pack installed on a Windows system
can be un-installed.

1) Close all NetBackup Windows.
Make sure the NetBackup server has no active backups, restores,
duplications, etc., running. If there are NetBackup activities in process,
the Maintenance Pack will not install if the file to update is busy.

If a database client is being used, such as Oracle, ensure that the
database services are stopped. Database services can be stopped via the
ControlPanel -> Services tool. Repeat this until all databases have been
stopped. These services must be restarted once the patch is successfully
installed.

2) Go to <install dir of NetBackup>\Patch\Pack_Uninstaller.exe and double-click
on the executable.
(i.e. C:\Program Files\VERITAS\Patch\Pack_Uninstaller.exe)

3) Select correct Pack to be uninstalled.

4) Click on Uninstall.

5) You may review the trace file
(<install dir of NetBackup>\Patch\Pack_Uninstall.log)
to see what files were replaced.



=================================
V. DESCRIPTION OF PROBLEMS FIXED
=================================
The following are descriptions of the problems fixed. Please read the entire
document before installing.

README Conventions:

Description
Describes particular problem or feature contained in this pack.

** Description **
Describes a problem that can lead to potential data loss. Please
read these problem descriptions carefully.

Workaround
Any available workarounds to a problem are also listed. Workarounds
can be used INSTEAD of applying the patch, however, Symantec strongly
recommends the "best practice" of being at the latest patch level.

Additional Notes
Any additional information regarding these problems are included.


=============
Current pack
=============

================================================================================
Etrack Incident = ET520525

Description:
A stack-based buffer overflow vulnerability existed in the volume manager
daemon (vmd) running on NetBackup servers. If an attacker was able to
gain access to a vulnerable NetBackup server and successfully exploit this
issue, it could have lead to arbitrary code execution and resulted in
unauthorized access with elevated privileges on the targeted system.

This vulnerability impacted only NetBackup server systems and did not
impact NetBackup client systems.
--------------------------------------------------------------------------------
Etrack Incident = ET542280 ET542262 ET542258 ET542276 ET542266 ET542256 ET542268
ET542264 ET542270 ET542500 ET546394 ET542260

Description:
Multiple buffer overflow vulnerabilities have been identified in daemons
that run on Veritas NetBackup master, media, and client servers. An
attacker, if able to access a vulnerable Veritas NetBackup server and
successfully exploit these issues, could potentially execute arbitrary
code resulting in possible unauthorized and elevated privilege access to
the targeted system.

For more information relating to this vulnerability notification, refer to
TechNote 281521 on the Symantec Support web site.
================================================================================



Attachments

NB_45_9S2_M_282542.winnt.intel.exe (22.7 MBytes)


Legacy ID



282542


Article URL http://www.symantec.com/docs/TECH47032


Terms of use for this information are found in Legal Notices