Please enter search query. Search <product_name> all support & community content...
Last Published: 2016-11-10
Ratings: 1 0
ProblemHow to verify if VTS16-001 ( Security Advisory Hotfix ) is applied to a NetBackup server/client?
Error MessageNo error message is displayed during NetBackup operations if the VTS16-001 hotfix is not applied to a server/client.
CauseVulnerability scanners can report that NetBackup server/clients are vulnerable to CVE's listed in the VTS16-001 advisory even if the servers/clients contain the VTS16-001 advisory hotfix.
SolutionThe examples below show how to verify a NetBackup 7.7 Master Server (Unix and Windows) has the VTS-16-001 Security Advisory hotfix applied.
To verify on UNIX that the VTS16-001 hotfix is applied to a server or client review the pack.summary file. On UNIX servers\clients the pack.summary file is located in the following path:
Verify the VTS16-001 hotfix (NetBackup Remote Access Vulnerabilities) for NetBackup 7.7 is installed on a NetBackup server\client by using the cat command on the pack.summary file. The file must contain a reference to EEB_NetBackup_7.7_PET3864870_SET3864869_EEB1
To verify on Windows servers/clients that the VTS16-001 hotfix is applied review the History.Log for a reference to EEB_NetBackup_7.7_PET3864870_SET3864869_EEB1. On NetBackup Windows server/client installations the History.Log is located in the following path:
Verify the VTS16-001 hotfix for NetBackup 7.7 is installed by using a text editor to view the History.Log file:
A NetBackup server/client can be considered to have VTS16-001 hotfix applied if and only if ONE of the following conditions are met:
- NetBackup version is 7.7.2 (2.7.2 on appliances) or higher.
- For NetBackup version 7.5 (2.5 on appliances), pack.summary or History.Log file contains EEB_NetBackup_18.104.22.168_PET3865363_SET3865362_EEB1
- For NetBackup version 7.6 (2.6 on appliances), pack.summary or History.Log file contains EEB_NetBackup_22.214.171.124_PET3865358_SET3865357_EEB1
- For NetBackup version 7.6 (2.6 on appliances), pack.summary or History.Log file contains EEB_NetBackup_126.96.36.199_PET3865354_SET3865353_EEB1
- For NetBackup version 7.7, pack.summary or History.Log file contains EEB_NetBackup_7.7_PET3864870_SET3864869_EEB1
Note (1): VTS16-001 vulnerabilities do not affect OpsCenter. OpsCenter EEBs are provided for compatibility with backlevel hotfixed NetBackup servers.
Note (2): VTS16-001 vulnerabilities do not affect NetBackup 7.7.2 (2.7.2 on appliances). NetBackup 7.7.2 EEBs are provided for Java Admin Console compatibility with backlevel hotfixed NetBackup servers.
Related Knowledge Base Articles
Was this content helpful?
Rating submitted. Please provide additional feedback (optional):