Security Advisory SYM09-017 Veritas Cluster Server Management Console 5.x patch for Linux, Solaris and Windows

Article:TECH76596  |  Created: 2009-01-10  |  Updated: 2009-01-10  |  Article URL http://www.symantec.com/docs/TECH76596
Article Type
Technical Solution

Issue



Security Advisory SYM09-017 Veritas Cluster Server Management Console 5.x patch for Linux, Solaris and Windows

Solution



Overview
Symantec VRTSweb, a shared component shipped with many Symantec Veritas products, is susceptible to a remote code-execution vulnerability. This vulnerability is caused by the improper validation of incoming data over port 14300.

Other Symantec products outside of the VCS family are also affected. This alert is being issued in conjunction with a Security Advisory, whose details are given at the following location:
 http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20091209_00


Vulnerability Type                 Affected
Remote Access (Adjacent network)   Yes
Local Access                       No
Authentication Required            No
Exploit publicly available         No


Affected versions
Veritas Cluster Server Management Console version 5.1, 5.5, and 5.5.1 on the Linux, Solaris, and Windows platforms.

Files affected by this patch
Operating System                            Files
Linux and Solaris                           /opt/VRTScmcm/VRTSweb/catalina5/server/lib/vrtsserver.jar
Windows - VCS Mgmt. Console 5.1             C:\Program Files\VERITAS\VRTSweb\catalina5\server\lib\vrtsserver.jar
Windows - VCS Mgmt. Console 5.1 and 5.5.1   C:\Program Files\Symantec\VRTScmcm\VRTSweb\catalina5\server\lib\vrtsserver.jar



Resolution
This issue is formally resolved with the following patches:

Solaris:  https://vos.symantec.com/patch/detail/2790
Linux:    https://vos.symantec.com/patch/detail/2789
Windows:  https://vos.symantec.com/patch/detail/2764

Symantec strongly recommends applying the patches as soon as possible. If the patch for your environment cannot be applied at this time, Symantec strongly recommends implementing the workaround described in the Mitigation/Workaround section below.

For instructions about installing this patch, see the section "Installing the Patch" in the README.  

Mitigation/Workaround

Block all incoming requests on the default port 14300 (or the port that has been configured), except those that come from localhost/127.0.0.1, to reduce the risk associated with this vulnerability until the recommended fix is applied.


or


Shut down VRTSweb, which will disable web-UI functionality that depends on it. To shut down VRTSweb, use the following commands:
UNIX/Linux:  /opt/VRTSweb/bin/webgui stop
Windows:  From the cmd shell:  service vrtsweb stop
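The first workaround (accept the VRTSweb port only from localhost) written out as Linux iptables rules, as an added example that is not part of the advisory. It assumes iptables on a Linux host and only prints the rules so they can be reviewed before being applied; Solaris would use ipfilter for the same three rules.

```shell
#!/bin/sh
# Added example, not from the advisory. Prints the Linux iptables rules that
# implement the workaround: accept TCP connections to the VRTSweb port only
# from the loopback interface / 127.0.0.1 and drop every other source.
# The port defaults to 14300; pass the configured port if it was changed.
# Apply with root privileges after review:  vrtsweb_workaround_rules | sh

vrtsweb_workaround_rules() {
    port="${1:-14300}"
    # Reject anything that is not a plain TCP port number.
    case "$port" in
        ''|*[!0-9]*) echo "invalid port: $port" >&2; return 1 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "invalid port: $port" >&2; return 1
    fi
    # Each rule is inserted at position 1 so the set ends up ahead of any
    # broader ACCEPT rule already in the chain. Because later inserts push
    # earlier ones down, the rules are emitted in reverse of their final
    # order: the DROP goes in first and ends up last.
    printf 'iptables -I INPUT 1 -p tcp --dport %s -j DROP\n' "$port"
    printf 'iptables -I INPUT 1 -p tcp --dport %s -s 127.0.0.1 -j ACCEPT\n' "$port"
    printf 'iptables -I INPUT 1 -p tcp --dport %s -i lo -j ACCEPT\n' "$port"
}
```

After applying, confirm with "iptables -L INPUT -n --line-numbers" that the two ACCEPT rules sit above the DROP rule.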



Installing the patch on Linux and Solaris
1. Stop VCS Management Console using the following command:
# /opt/VRTScmcm/bin/vxcmcweb stop
2. Back up the file /opt/VRTScmcm/VRTSweb/catalina5/server/lib/vrtsserver.jar to another location.
3. Remove the file /opt/VRTScmcm/VRTSweb/catalina5/server/lib/vrtsserver.jar.
4. Copy the new vrtsserver.jar file to the /opt/VRTScmcm/VRTSweb/catalina5/server/lib/ directory.
5. Start VCS Management Console using the following command:
# /opt/VRTScmcm/bin/vxcmcweb start
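Steps 2 to 4 of the Linux and Solaris procedure as a shell function that verifies the backup before removing the old file and verifies the copy before it returns, as an added example that is not the vendor's script. The function name and the default backup location /var/tmp/vrtsserver-backup are assumptions; the stop and start of steps 1 and 5 are left to the caller.

```shell
#!/bin/sh
# Added example, not from the advisory. Replaces the installed vrtsserver.jar
# with the patched copy from the vendor patch, keeping a verified backup.
# Usage (as root, between the vxcmcweb stop and start of steps 1 and 5):
#   replace_vrtsserver_jar /path/to/patched/vrtsserver.jar
# Arguments: NEWJAR [LIBDIR] [BACKUPDIR]; LIBDIR defaults to the advisory's
# path, BACKUPDIR (assumed location) to /var/tmp/vrtsserver-backup.

replace_vrtsserver_jar() {
    newjar="$1"
    libdir="${2:-/opt/VRTScmcm/VRTSweb/catalina5/server/lib}"
    backupdir="${3:-/var/tmp/vrtsserver-backup}"
    target="$libdir/vrtsserver.jar"
    [ -f "$newjar" ] || { echo "patched jar not found: $newjar" >&2; return 1; }
    [ -f "$target" ] || { echo "installed jar not found: $target" >&2; return 1; }
    # If the installed jar is already byte-identical, there is nothing to do.
    if [ "$(cksum < "$newjar")" = "$(cksum < "$target")" ]; then
        echo "installed jar already matches $newjar; nothing to do" >&2
        return 2
    fi
    # Step 2: back up the current jar and prove the backup is intact
    # before anything is removed.
    mkdir -p "$backupdir" || return 1
    backup="$backupdir/vrtsserver.jar.$(date +%Y%m%d%H%M%S)"
    cp -p "$target" "$backup" || return 1
    [ "$(cksum < "$backup")" = "$(cksum < "$target")" ] \
        || { echo "backup verification failed: $backup" >&2; return 1; }
    # Step 3: remove the old jar.  Step 4: copy the patched jar in.
    rm -f "$target" || return 1
    cp "$newjar" "$target" || return 1
    # Check the copy before the service is started again (step 5).
    [ "$(cksum < "$newjar")" = "$(cksum < "$target")" ] \
        || { echo "copy verification failed: $target" >&2; return 1; }
    echo "$backup"
}
```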

Installing the patch on Windows for VCS Management Console 5.1
1. Stop VCS Management Console by typing the following command in a command window:
run "net stop cmcweb"
2. Back up the file C:\Program Files\VERITAS\VRTSweb\catalina5\server\lib\vrtsserver.jar to another location.
3. Delete the file C:\Program Files\VERITAS\VRTSweb\catalina5\server\lib\vrtsserver.jar.
4. Copy the new vrtsserver.jar file to the C:\Program Files\VERITAS\VRTSweb\catalina5\server\lib\ directory.
5. Start VCS Management Console by typing the following command in a command window:
run "net start cmcweb"

Installing the patch on Windows for VCS Management Console 5.5 and 5.5.1
1. Stop VCS Management Console by typing the following command in a command window:
run "net stop cmcweb"
2. Back up the file C:\Program Files\Symantec\VRTScmcm\VRTSweb\catalina5\server\lib\vrtsserver.jar to another location.
3. Delete the file C:\Program Files\Symantec\VRTScmcm\VRTSweb\catalina5\server\lib\vrtsserver.jar.
4. Copy the new vrtsserver.jar file to the C:\Program Files\Symantec\VRTScmcm\VRTSweb\catalina5\server\lib\ directory.
5. Start VCS Management Console by typing the following command in a command window:
run "net start cmcweb"


Best Practices:

Symantec strongly recommends the following best practices:

1. Always perform a full backup prior to and after any changes to your environment.
2. Always make sure that your environment is running the latest version and patch level.
3. Perform periodic "test" restores.
4. Subscribe to technical articles.



How to Subscribe to Email Notification:

Article Subscription:
Subscribe to this TechNote for any updates that are made to this article, by clicking on the following link: http://maillist.support.veritas.com/notification.asp?doc=336988

Software Alerts:
If you have not received this from the Symantec Technical Support Email Notification Service, please click on the following link to subscribe to future Notifications:

Legacy ID
336988