Security Pack NB_FIS_45_9S2_F.tar provides security-related fixes for Veritas NetBackup (tm) DataCenter 4.5FP for the Frozen Image Service Agent on HP-UX and Solaris platforms.

Article:TECH47081  |  Created: 2006-01-22  |  Updated: 2013-10-23  |  Article URL http://www.symantec.com/docs/TECH47081
Article Type
Technical Solution

Product(s)

Environment

Issue



Security Pack NB_FIS_45_9S2_F.tar provides security-related fixes for Veritas NetBackup (tm) DataCenter 4.5FP for the Frozen Image Service Agent on HP-UX and Solaris platforms.

Solution



FIS 4.5FP_6/4.5FP_9S1443 Pack NB_FIS_45_9S2_F README March 23, 2006
Requirement: NB_FIS_45_8_F
================================================================================
This Security Pack provides updates and fixes for VERITAS NetBackup for Core
Frozen Images.

** THIS SECURITY PACK MUST BE INSTALLED OVER THE NETBACKUP 4.5FP6 PACK
NB_FIS_45_8_F FEATURE PACK. ANY ATTEMPT TO INSTALL THIS PACK OVER AN EARLIER
VERSION OF NETBACKUP 4.5 WILL RESULT IN A FAILED INSTALL. **

================================================================================


=================
PACK DEPENDENCIES
=================
-- NB_FIS_45_8_F must be installed prior to installing this pack.
NOTE that there is no NB_FIS_45_9_F pack.

-- 4.5 FP6 must be installed prior to installing this pack.

-- 4.5FP6 PACK NB_45_9_F should be installed prior to installing this
Security Pack.

-- Installation of this pack requires version 1.8.2.26 of the
Vrts_pack.install.


I. DOWNLOAD INSTRUCTIONS
II. INSTALLATION INSTRUCTIONS
III. UNINSTALL INSTRUCTIONS
IV. DESCRIPTION OF PROBLEMS FIXED
Current Pack


=========================
I. DOWNLOAD INSTRUCTIONS
=========================
1) Download NB_FIS_45_9S2_F_<6 digit number>.tar into the /tmp directory.

where <6 digit number> is an internal tracking identifier

2) Extract NB_FIS_45_9S2_F_<6 digit number>.tar
/bin/tar -xvf NB_FIS_45_9S2_F_<6 digit number>.tar

This will create the files:
Vrts_pack.install
VrtsNB_FIS_45_9S2_F.README
VrtsNB_FIS_45_9S2_F.tar.Z



==============================
II. INSTALLATION INSTRUCTIONS
==============================
As root on the NetBackup Server with NetBackup for Core Frozen Image:
1) Install NB_FIS_45_9S2_F pack binaries.

cd /tmp
/bin/sh Vrts_pack.install

2) Update the NetBackup ServerFree Agent clients, which should
include the NetBackup master server if the master server
is an HP or Solaris machine, with the new ServerFree Agent
software.

Note: The term ServerFree Agent refers to the following
optional products: Core Frozen Image Services,
Extended Frozen Image Services and Offhost and SAN Data
Movement Services.

All patches to any of the ServerFree Agent products should
be applied before executing the following command:

/usr/openv/netbackup/bin/update_clients -Install_VFMS <hardware> <os>

where <hardware> <os> is one of the following:

HP9000-700 HP-UX11.00
HP9000-800 HP-UX11.00
Solaris Solaris2.6
Solaris Solaris7
Solaris Solaris8
Solaris Solaris9



============================
III. UNINSTALL INSTRUCTIONS
============================
Note: This will ONLY uninstall the pack from your local machine.

1) Close the NetBackup user interfaces.

Make sure the NetBackup server has no active jobs running (for
example, backups, restores, or duplications).

If a database agent is being used, such as Oracle,
ensure that the database services are stopped.

2) Change directory to the patch save directory.
Substitute the pack name for ${PACK} in the following command:

cd /usr/openv/pack/${PACK}/save

3) Run the un-install script:

./Vrts_pack.uninstall

4) Verify that the pack uninstalled successfully by checking
/usr/openv/pack/pack.history.

5) If update_clients was run after the pack was originally INSTALLED,
run it again after that pack is successfully UNINSTALLED.

6) If necessary, restart the NetBackup and Media Manager daemons:
/usr/openv/netbackup/bin/goodies/netbackup start



==================================
IV. DESCRIPTION OF PROBLEMS FIXED
==================================
The following are descriptions of the problems fixed. Please read the entire
document before installing.

README Conventions :

Description
Describes particular problem or feature contained in this pack.

** Description **
Describes a problem that can lead to potential data loss. Please
read these problem descriptions carefully.

Workaround
Any available workarounds to a problem are also listed. Workarounds
can be used INSTEAD of applying the patch, however, Symantec strongly
recommends the "best practice" of being at the latest patch level.

Additional Notes
Any additional information regarding this problem is included.


=============
Current pack
=============

================================================================================
Etrack Incident = ET542279 ET542261 ET542257 ET542275 ET536743 ET542255 ET542263 ET542265 ET542267 ET542269
ET542248 ET546392 ET546392 ET542499 ET542271

Description:
Multiple buffer overflow vulnerabilities have been identified in daemons
that run on Veritas NetBackup master, media, and client servers. An
attacker, if able to access a vulnerable Veritas NetBackup server and
successfully exploit these issues, could potentially execute arbitrary
code resulting in possible unauthorized and elevated privilege access to
the targeted system.

For more information relating to this vulnerability notification, refer to
TechNote 281521 on the Symantec Support web site.
================================================================================



Attachments

NB_FIS_45_9S2_F_282581.tar (1.2 MBytes)


Legacy ID



282581


Article URL http://www.symantec.com/docs/TECH47081


Terms of use for this information are found in Legal Notices