VTS17-003: A hotfix is now available for Issue #6 CVE-2017-6401 affecting NetBackup and NetBackup Appliances.

  • Article ID:100000480
  • Modified Date:
  • Product(s):

Severity

Security Vulnerability

Description

Document History:
April 26, 2017: Initial publication
May 11, 2017: Hotfixes attached

Veritas Technologies LLC has updated Security Advisory VTS17-003, which includes issues affecting all versions of NetBackup and NetBackup Appliances.

A security hotfix which includes a resolution for Issue #6 (CVE-2017-6401) listed in this Advisory is now available for the following versions of NetBackup and NetBackup Appliances:

NetBackup:

  • 7.7.2
  • 7.7.3

NetBackup Appliances:

  • 2.7.2
  • 2.7.3

Action Required

All NetBackup tiers deploy with client binaries bpcd and bpnbat. Installation of this Hotfix must be done on all NetBackup master servers, media servers and clients.

Hotfixes can be found attached to this article via the Download Attachments link for the versions listed above.

Although this issue affects previous versions of NetBackup and NetBackup Appliances, hotfixes and/or EEB bundles are not available for these versions.

The formal resolution for this issue (Etrack 3912677) is included in the following releases:

  • NetBackup 8.0
  • NetBackup Appliances 3.0

If the environment has already been upgraded to this version or above, installation of an EEB is not required.

Veritas recommends upgrading to the latest version of NetBackup/NetBackup Appliances.

Instructions on installing a hotfix or EEB can be found by accessing the Related Articles link.

Hotfix information/README:

NetBackup 7.7.2 & 7.7.3:

Bug ID: ET 3912678 (7.7.2), 3912679 (7.7.3)

Installation Location: client

Installation Instructions: Please follow the EEB installer instructions available in the linked Related Article

Package Contents: Please choose the appropriate platform after download:
7.7.3:
eebinstaller_3912679_6_hpia11_31             HP-UX Itanium Installation
eebinstaller_3912679_6_linuxR_x86_2_6_18     RedHat x64 Installation
eebinstaller_3912679_6_linuxS_x86_3_0_76     Suse x64 Installation
eebinstaller_3912679_6_rs6000_61             AIX Installation
eebinstaller_3912679_6_solaris10             Solaris SPARC Installation
eebinstaller_3912679_6_solaris_x86_10_64     Solaris x64 Installation
eebinstaller_3912679_6_AMD64.exe             Windows x64 Installation
eebinstaller_3912679_6_x86.exe               Windows x86 Installation
eebinstaller_3912679_6_zlinuxR_2_6_18        RedHat System z Installation
eebinstaller_3912679_6_zlinuxS_3_0_76        Suse System z Installation

7.7.2:
eebinstaller_3912678_6_hpia11_31             HP-UX Itanium Installation
eebinstaller_3912678_6_linuxR_x86_2_6_18     RedHat x64 Installation
eebinstaller_3912678_6_linuxS_x86_3_0_76     Suse x64 Installation
eebinstaller_3912678_6_rs6000_61             AIX Installation
eebinstaller_3912678_6_solaris10             Solaris SPARC Installation
eebinstaller_3912678_6_solaris_x86_10_64     Solaris x64 Installation
eebinstaller_3912678_6_AMD64.exe             Windows x64 Installation
eebinstaller_3912678_6_x86.exe               Windows x86 Installation
eebinstaller_3912678_6_zlinuxR_2_6_18        RedHat System z Installation
eebinstaller_3912678_6_zlinuxS_3_0_76        Suse System z Installation


Checksums:
7.7.3:
2189296671 557625 zlinuxR_2.6.18/bpcd
3057486263 67925 zlinuxR_2.6.18/bpnbat
1796872410 542283 zlinuxS_3.0.76/bpcd
3191150927 73888 zlinuxS_3.0.76/bpnbat
2166487485 1244024 solaris_x86_10_64/bpcd
328195087 113864 solaris_x86_10_64/bpnbat
572482574 538624 x86/bpcd.exe
4111780846 43520 x86/bpnbat.exe
184104929 843704 linuxR_x86_2.6.18/bpcd
2370619339 68220 linuxR_x86_2.6.18/bpnbat
3161040523 1227650 rs6000_61/bpcd
3769663290 102853 rs6000_61/bpnbat
1115079102 813715 linuxS_x86_3.0.76/bpcd
667470645 70566 linuxS_x86_3.0.76/bpnbat
3851053964 2663480 hpia11.31/bpcd
395805498 179808 hpia11.31/bpnbat
1519032279 756736 AMD64/bpcd.exe
1325727066 51712 AMD64/bpnbat.exe
1770317240 1258096 solaris10/bpcd
4154479653 76840 solaris10/bpnbat

7.7.2:
3259314164 554549 zlinuxR_2.6.18/bpcd
2755427368 67853 zlinuxR_2.6.18/bpnbat
3914213099 537479 zlinuxS_3.0.76/bpcd
29847574 69736 zlinuxS_3.0.76/bpnbat
2847489734 1240320 solaris_x86_10_64/bpcd
754213617 111776 solaris_x86_10_64/bpnbat
828127815 399872 x86/bpcd.exe
3643246590 43008 x86/bpnbat.exe
2497251671 1226787 rs6000_61/bpcd
2242323545 100751 rs6000_61/bpnbat
1773588206 840534 linuxR_x86_2.6.18/bpcd
4245920247 64036 linuxR_x86_2.6.18/bpnbat
2236744046 809108 linuxS_x86_3.0.76/bpcd
4255004312 66414 linuxS_x86_3.0.76/bpnbat
4105956715 2662984 hpia11.31/bpcd
2009535810 179232 hpia11.31/bpnbat
3668156862 605184 AMD64/bpcd.exe
1372485538 48128 AMD64/bpnbat.exe
4068020571 1254648 solaris10/bpcd
3603896174 74768 solaris10/bpnbat

Recommended service state: Stop all NetBackup services before applying this hotfix.

NetBackup Appliances 2.7.2 & 2.7.3:
Please use the Download Attachment link to find and download the RPM and access the linked Related Article for instructions on applying the hotfix on an Appliance.

The Security Advisory is available at the following link:
 https://www.veritas.com/content/support/en_US/security/VTS17-003.html

Contact Support
 https://www.veritas.com/content/support/en_US/contact-us.html

Downloads

Related Articles

DOCUMENTATION: Instructions on using the NetBackup Emergency Engineering Binary (EEB) installer

Installing EEBs on a NetBackup 52x0 / 5330 Appliance

Was this content helpful?

Get Support