Security Pack NB_45_9S2_F.winnt.intel.exe provides security-related fixes for Veritas NetBackup (tm) DataCenter / BusinesServer 4.5FP Windows NT/2000/2003 server and clients. It also contains security fixes for NetBackup Add-on products and Database Agents.

Article:TECH47079  |  Created: 2006-01-22  |  Updated: 2013-10-23  |  Article URL http://www.symantec.com/docs/TECH47079
Article Type
Technical Solution

Product(s)

Environment

Issue



Security Pack NB_45_9S2_F.winnt.intel.exe provides security-related fixes for Veritas NetBackup (tm) DataCenter / BusinesServer 4.5FP Windows NT/2000/2003 server and clients. It also contains security fixes for NetBackup Add-on products and Database Agents.

Solution



NB 4.5FP6 Pack NB_45_9S2_F README March 23, 2006
================================================================================
** THIS SECURITY PACK MUST BE INSTALLED OVER THE NETBACKUP 4.5FP6 PACK NB_45_9_F
FEATURE PACK. ANY ATTEMPT TO INSTALL THIS PACK OVER AN EARLIER VERSION OF
NETBACKUP 4.5 WILL RESULT IN A FAILED INSTALL.

(Please refer to the PACK DEPENDENCIES and the RELATED DOCUMENTS sections of
this Readme for additional information that applies to this pack.)

================================================================================



=================
PACK DEPENDENCIES
=================

-- 4.5FP6 PACK NB_45_9_F must be installed prior to installing this
Security Pack.

-- For the latest robotics support please also download and install the
latest Mappings_4.5.<6 digit number>.zip from the Support Web site:
www.support.veritas.com.


I. DOWNLOAD INSTRUCTIONS
II. INSTALLATION INSTRUCTIONS
III. UNINSTALL INSTRUCTIONS
IV. DESCRIPTION OF PROBLEMS FIXED
Current Pack


=========================
I. DOWNLOAD INSTRUCTIONS
=========================
This is an update to NetBackup/Media Manager products
with the latest fixes for Windows NT NetBackup servers.

Download instructions:
1) Download the NB_45_9S2_F.winnt.intel_<6 digit number>.exe file
into a temporary directory.

where <6 digit number> is an internal tracking identifier

2) Extract the NB_45_9S2_F.winnt.intel_<6 digit number>.exe
by double-clicking on it.

This will create a number of files that include:
README.NT
and
Setup.exe


==============================
II. INSTALLATION INSTRUCTIONS
==============================
NOTE: For Security Pack installation on Microsoft Cluster Environment:

- Install this Security Pack on the inactive node(s) of the cluster,
performing Steps 1-4 below.

- Use the MSCS move group command to 'failover' the server to another node.
This should be done when the NetBackup system is quiet, that is, no
backups or restores are running.

- Install this Security Pack on the newly inactive node of the cluster.

- (Optional) Use the MSCS move group command to 'failover' the server back
to the original node.

--------------------------------------------------------------------------------

Installation steps:

NOTE: If upgrading a NetBackup Windows 4.5 FP8 client to server or
Administration Console, the 4.5 pack must be uninstalled
prior to upgrading to 4.5 server or Administration Console.

1) Close all NetBackup Windows.
Make sure the NetBackup server system is quiet and has no active backups,
restores, duplications, etc., running. If there are NetBackup activities in
process, the Security Pack will not install if the file to update is busy.

If a database client is being used, such as Oracle, ensure that the
database services are stopped. Database services can be stopped by
using the Control Panel -> Services tool. Repeat this process until
all databases have been stopped. These services must be restarted
once the patch is successfully installed.

2) Run Setup.exe. (Double-click on the icon from File Manager or Explorer
or run it from the command prompt.)

Setup.exe begins by stopping the appropriate NetBackup Services required
for the Security Pack installation. Next, it will install the necessary
files into their correct locations. Finally, Setup.exe will restart the
appropriate NetBackup services.

3) Examine the <install_path>\patch\History.Log file to ensure that no
errors took place during the installation, for example, an error during
Security Pack installation because of a busy file.

4) Remove the temporary directory created in the download instructions.


============================
III. UNINSTALL INSTRUCTIONS
============================
**Important notice regarding un-installs on Windows**
Only the last pack installed on a Windows system can be un-installed.

1) Close all NetBackup Windows.
Make sure the NetBackup server system is quiet and has no active backups,
restores, duplications, etc., running.) If there are NetBackup activities
in process, the Security Pack will not install if the file to update is busy.

If a database client is being used, such as Oracle, ensure that the
database services are stopped. Database services can be stopped by
using the Control Panel -> Services tool. Repeat this process until
all databases have been stopped. These services must be restarted
once the patch is successfully installed.

2) Go to <install dir of NetBackup>\Patch\Pack_Uninstaller.exe and
double-click on the executable.
(For example, C:\Program Files\Veritas\Patch\Pack_Uninstaller.exe)

3) Select the correct Pack to be uninstalled.

4) Click Uninstall.

5) You may review the trace file
(<install dir of NetBackup>\Patch\Pack_Uninstall.log)
to see what files were replaced.


==================================
IV. DESCRIPTION OF PROBLEMS FIXED
==================================
The following are descriptions of the problems fixed.
Please read the entire document before installing.

README Conventions:

Description
Describes a particular problem contained in this Security Pack.

** Description **
Describes a problem that can lead to potential data loss. Please
read these problem descriptions carefully.

Workaround
Any available workarounds to a problem are also listed. Workarounds
can be used INSTEAD of applying the patch, however, Symantec strongly
recommends the "best practice" of being at the latest patch level.

Additional Notes
Any additional information regarding this problem or feature is included.


=============
Current pack
=============

================================================================================
Etrack Incident = ET520523 ET529520

Description:
A stack-based buffer overflow vulnerability existed in the volume manager
daemon (vmd) running on NetBackup servers. If an attacker was able to
gain access to a vulnerable NetBackup server and successfully exploit this
issue, it could have lead to arbitrary code execution and resulted in
unauthorized access with elevated privileges on the targeted system.

This vulnerability impacted only NetBackup server systems and did not
impact NetBackup client systems.
--------------------------------------------------------------------------------
Etrack Incident = ET542279 ET542261 ET542257 ET542275 ET536743 ET542255 ET542263
ET542265 ET542267 ET542269 ET542248 ET546392 ET546392 ET542499 ET542271

Description:
Multiple buffer overflow vulnerabilities have been identified in daemons
that run on Veritas NetBackup master, media, and client servers. An
attacker, if able to access a vulnerable Veritas NetBackup server and
successfully exploit these issues, could potentially execute arbitrary
code resulting in possible unauthorized and elevated privilege access to
the targeted system.

For more information relating to this vulnerability notification, refer to
TechNote 281521 on the Symantec Support web site.
================================================================================



Attachments

NB_45_9S2_F_282579.winnt.intel.exe (31.4 MBytes)


Legacy ID



282579


Article URL http://www.symantec.com/docs/TECH47079


Terms of use for this information are found in Legal Notices