Security Advisory SYM09-017 Veritas Cluster Server Management Console 5.x patch for Linux, Solaris and Windows
Article: TECH76596 | Created: 2009-01-10 | Updated: 2009-01-10 | Article URL: http://www.symantec.com/docs/TECH76596
Problem
Security Advisory SYM09-017 Veritas Cluster Server Management Console 5.x patch for Linux, Solaris and Windows
Solution
Overview
Symantec VRTSweb, a shared component shipped with many Symantec Veritas products, is susceptible to a remote code-execution vulnerability. This vulnerability is caused by the improper validation of incoming data over port 14300.
Other Symantec products outside of the VCS family are also affected. This alert is being issued in conjunction with a Security Advisory, whose details are given at the following location:
http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20091209_00
| Vulnerability Type | Affected |
|---|---|
| Remote Access (Adjacent network) | Yes |
| Local Access | No |
| Authentication Required | No |
| Exploit publicly available | No |
Affected versions
Veritas Cluster Server Management Console version 5.1, 5.5, and 5.5.1 on the Linux, Solaris, and Windows platforms.
Files affected by this patch
| Operating System | Files |
|---|---|
| Linux and Solaris | /opt/VRTScmcm/VRTSweb/catalina5/server/lib/vrtsserver.jar |
| Windows - VCS Mgmt. Console 5.1 | C:\Program Files\VERITAS\VRTSweb\catalina5\server\lib\vrtsserver.jar |
| Windows - VCS Mgmt. Console 5.1 and 5.5.1 | C:\Program Files\Symantec\VRTScmcm\VRTSweb\catalina5\server\lib\vrtsserver.jar |
Resolution
This issue is formally resolved with the following patches:
Solaris: https://vos.symantec.com/patch/detail/2790
Linux: https://vos.symantec.com/patch/detail/2789
Windows: https://vos.symantec.com/patch/detail/2764
Symantec strongly recommends applying the patches as soon as possible. If the patch for your environment cannot be applied at this time, Symantec strongly recommends implementing the Workaround described in the next section.
For instructions about installing this patch, see the section "Installing the Patch" in the README.
Mitigation/Workaround
Block all incoming requests on default port 14300 (or the port that has been configured), except the ones that come from localhost/127.0.0.1, to reduce the risk associated with this vulnerability until the recommended fix is applied.
or
Shut down VRTSweb, which will disable web-UI functionality that depends on it. To shut down VRTSweb, use the following commands:
UNIX/Linux: /opt/VRTSweb/bin/webgui stop
Windows: From the cmd shell: service vrtsweb stop
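The first workaround option on a Linux host, as an added example that is not part of the advisory: it assumes iptables is the host firewall, and the function names and the IPTABLES override are illustrative. Solaris and Windows hosts need the equivalent rule in their own firewall.

```shell
#!/bin/sh
# Added example (not from the advisory): limit the VRTSweb port to loopback
# with iptables. IPTABLES may be pointed at a logging stub for a dry run.
IPTABLES="${IPTABLES:-iptables}"

# Succeeds only for a decimal TCP port in the range 1..65535.
valid_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# restrict_vrtsweb_port [PORT]  (default 14300, the advisory's default port)
# Leaves one loopback ACCEPT directly above one DROP at the top of INPUT.
restrict_vrtsweb_port() {
    port="${1:-14300}"
    valid_port "$port" || { echo "invalid port: $port" >&2; return 2; }

    # Delete earlier copies so repeated runs do not stack duplicate rules.
    "$IPTABLES" -D INPUT -i lo -p tcp --dport "$port" -j ACCEPT 2>/dev/null || true
    "$IPTABLES" -D INPUT -p tcp --dport "$port" -j DROP 2>/dev/null || true

    # Insert DROP first, then ACCEPT above it: the first matching rule wins,
    # and inserting at position 1 beats any older ACCEPT further down.
    "$IPTABLES" -I INPUT 1 -p tcp --dport "$port" -j DROP || return 1
    "$IPTABLES" -I INPUT 1 -i lo -p tcp --dport "$port" -j ACCEPT || return 1
}

# unrestrict_vrtsweb_port [PORT]: remove both rules after the patch is in.
unrestrict_vrtsweb_port() {
    port="${1:-14300}"
    valid_port "$port" || { echo "invalid port: $port" >&2; return 2; }
    "$IPTABLES" -D INPUT -i lo -p tcp --dport "$port" -j ACCEPT || return 1
    "$IPTABLES" -D INPUT -p tcp --dport "$port" -j DROP || return 1
}

# Usage, as root:  restrict_vrtsweb_port 14300
```

These rules cover IPv4 only and are not persistent across a reboot unless saved with the distribution's own mechanism.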
Installing the patch on Linux and Solaris
1. Stop VCS Management Console using the following command:
# /opt/VRTScmcm/bin/vxcmcweb stop
2. Back up the file /opt/VRTScmcm/VRTSweb/catalina5/server/lib/vrtsserver.jar to another location.
3. Remove the file /opt/VRTScmcm/VRTSweb/catalina5/server/lib/vrtsserver.jar.
4. Copy the new vrtsserver.jar file to the /opt/VRTScmcm/VRTSweb/catalina5/server/lib/ directory.
5. Start VCS Management Console using the following command:
# /opt/VRTScmcm/bin/vxcmcweb start
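The five Linux/Solaris steps above as one script, added here as an example and not taken from the advisory or the patch README: it verifies the backup before deleting anything and restores the original jar if the copy fails. The function name, the CMC_CTL and LIB_DIR overrides and the backup file name are assumptions.

```shell
#!/bin/sh
# Added example (not from the advisory): steps 1-5 above as one function,
# with a check after each step. CMC_CTL and LIB_DIR default to the advisory's
# paths; override both to rehearse against a scratch directory.
CMC_CTL="${CMC_CTL:-/opt/VRTScmcm/bin/vxcmcweb}"
LIB_DIR="${LIB_DIR:-/opt/VRTScmcm/VRTSweb/catalina5/server/lib}"

# install_vrtsserver_patch NEW_JAR BACKUP_DIR
install_vrtsserver_patch() {
    new_jar="$1"; backup_dir="$2"
    target="$LIB_DIR/vrtsserver.jar"
    backup="$backup_dir/vrtsserver.jar.orig"   # backup name is an assumption

    # Pre-flight: fail before touching anything if an input is wrong.
    [ -s "$new_jar" ]    || { echo "patched jar missing or empty" >&2; return 2; }
    [ -f "$target" ]     || { echo "installed jar not found" >&2; return 2; }
    [ -d "$backup_dir" ] || { echo "backup directory missing" >&2; return 2; }
    [ ! -e "$backup" ]   || { echo "refusing to overwrite $backup" >&2; return 2; }

    # Step 1: stop the console so the jar is not in use.
    "$CMC_CTL" stop || { echo "could not stop console" >&2; return 1; }

    # Step 2: back up, and confirm the copy is byte-identical before deleting.
    if ! { cp -p "$target" "$backup" && cmp -s "$target" "$backup"; }; then
        echo "backup failed; original jar left in place" >&2
        "$CMC_CTL" start
        return 1
    fi

    # Step 3: remove the vulnerable jar.
    rm -f "$target"

    # Step 4: copy the new jar; restore the backup if the copy is bad.
    if ! { cp "$new_jar" "$target" && cmp -s "$new_jar" "$target"; }; then
        echo "copy failed; restoring original jar" >&2
        cp -p "$backup" "$target"
        "$CMC_CTL" start
        return 1
    fi

    # Step 5: start the console on the patched jar.
    "$CMC_CTL" start || { echo "could not start console" >&2; return 1; }
}

# Usage, as root:  install_vrtsserver_patch /tmp/vrtsserver.jar /var/tmp
```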
Installing the patch on Windows for VCS Management Console 5.1
1. Stop VCS Management Console by typing the following command in a command window:
run "net stop cmcweb"
2. Back up the file C:\Program Files\VERITAS\VRTSweb\catalina5\server\lib\vrtsserver.jar to another location.
3. Delete the file C:\Program Files\VERITAS\VRTSweb\catalina5\server\lib\vrtsserver.jar.
4. Copy the new vrtsserver.jar file to the C:\Program Files\VERITAS\VRTSweb\catalina5\server\lib\ directory.
5. Start VCS Management Console by typing the following command in a command window:
run "net start cmcweb"
Installing the patch on Windows for VCS Management Console 5.5 and 5.5.1
1. Stop VCS Management Console by typing the following command in a command window:
run "net stop cmcweb"
2. Back up the file C:\Program Files\Symantec\VRTScmcm\VRTSweb\catalina5\server\lib\vrtsserver.jar to another location.
3. Delete the file C:\Program Files\Symantec\VRTScmcm\VRTSweb\catalina5\server\lib\vrtsserver.jar.
4. Copy the new vrtsserver.jar file to the C:\Program Files\Symantec\VRTScmcm\VRTSweb\catalina5\server\lib\ directory.
5. Start VCS Management Console by typing the following command in a command window:
run "net start cmcweb"
Best Practices:
Symantec strongly recommends the following best practices:
1. Always perform a full backup prior to and after any changes to your environment.
2. Always make sure that your environment is running the latest version and patch level.
3. Perform periodic "test" restores.
4. Subscribe to technical articles.
How to Subscribe to Email Notification:
Article Subscription:
Subscribe to this TechNote for any updates that are made to this article, by clicking on the following link: http://maillist.support.veritas.com/notification.asp?doc=336988
Software Alerts:
If you have not received this from the Symantec Technical Support Email Notification Service, please click on the following link to subscribe to future Notifications:
Legacy ID: 336988