A security vulnerability exists in the UNIX versions of VERITAS Bare Metal Restore (BMR) for Tivoli Storage Manager (TSM). Anyone with network access to a BMR Main Server can obtain unauthorized root access by forcing BMR to run arbitrary commands under the administrator account (root).
Details:
VERITAS has prepared BMR Maintenance Pack (MP) #4 (patch3.2.1-004) to resolve this issue. BMR for TSM patch3.2.1-004 can be found in the Related Documents section below.
It is recommended that customers not only verify that the MP is installed, but also that the new security code is enabled; the MP installer may leave it disabled (see below).
To determine whether an MP with the security fix is installed, run the following command on the BMR Main Server to list the installed Maintenance Packs. Any MP (also referred to as a patch) at MP4 (3.2.1-004) or later contains the fix.
AIX:
/usr/lpp/BareMetal/aix/bmrd -v
HP:
/opt/BareMetal/hp/bmrd -v
Solaris:
/opt/BareMetal/sol/bmrd -v
If the MP is installed, customers should also ensure that the security fix is enabled by looking for the following line in the "/var/bmr/etc/server_env" file:
BMRDfilter=on
The MP installation process scans the existing BMR database and will not enable the security code if the database is found to be incompatible with the fix. In that case the MP is installed but the server remains exposed until the line above is present. In the rare case where this happens, customers are advised to call VERITAS Technical Services to resolve the incompatibilities.
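The two-step verification above (list installed Maintenance Packs, then confirm BMRDfilter=on in server_env) as a single script. This is an added example, not VERITAS code: the bmrd paths, the minimum patch level 3.2.1-004 and the server_env path are taken from this alert; the assumption that "bmrd -v" prints patch levels in the form 3.2.1-004 is marked in the code and may need adjusting to your output. The version comparison and the server_env check are separate functions so they can be exercised on their own.

```shell
#!/bin/sh
# Added example (not VERITAS code): verify on a BMR Main Server that the
# security fix from this TechAlert is both installed and enabled.
# Lines marked "Assumption:" are not stated in the alert.

MIN_PATCH="3.2.1-004"                 # MP4, the first Maintenance Pack with the fix
SERVER_ENV="/var/bmr/etc/server_env"  # file that must carry BMRDfilter=on

# Map the platform (as reported by `uname -s`) to the bmrd path from the alert.
bmrd_path() {
    case "$1" in
        AIX)   echo /usr/lpp/BareMetal/aix/bmrd ;;
        HP-UX) echo /opt/BareMetal/hp/bmrd ;;
        SunOS) echo /opt/BareMetal/sol/bmrd ;;
        *)     return 1 ;;
    esac
}

# True (exit 0) when patch level $1 (form MAJOR.MINOR.REV-NNN) is at or above
# MIN_PATCH. Each field is compared numerically, so 3.2.1-010 > 3.2.1-004
# and a plain string comparison is never used.
patch_is_fixed() {
    printf '%s\n%s\n' "$1" "$MIN_PATCH" | awk -F'[.-]' '
        NR == 1 { for (i = 1; i <= 4; i++) have[i] = $i + 0 }
        NR == 2 { for (i = 1; i <= 4; i++) need[i] = $i + 0 }
        END {
            for (i = 1; i <= 4; i++) {
                if (have[i] > need[i]) exit 0
                if (have[i] < need[i]) exit 1
            }
            exit 0
        }'
}

# True when file $1 contains an active (uncommented) "BMRDfilter=on" line.
# A commented-out line, "BMRDfilter=off", or a missing file does not pass.
filter_enabled() {
    grep -q '^[[:space:]]*BMRDfilter=on[[:space:]]*$' "$1" 2>/dev/null
}

# Full check on a live server. Returns 0 only when both conditions hold.
check_server() {
    os=$(uname -s)
    bmrd=$(bmrd_path "$os") || { echo "unsupported platform: $os" >&2; return 2; }
    [ -x "$bmrd" ] || { echo "$bmrd not found; is BMR installed here?" >&2; return 2; }

    # Assumption: `bmrd -v` lists installed Maintenance Packs with a patch
    # level of the form 3.2.1-004 on each line. Every such token is extracted
    # and the check passes if any of them is at or above MIN_PATCH.
    fixed=no
    for level in $("$bmrd" -v | sed -n 's/.*\([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*-[0-9][0-9]*\).*/\1/p'); do
        if patch_is_fixed "$level"; then fixed=yes; fi
    done
    if [ "$fixed" = yes ]; then
        echo "patch:  an MP at or above $MIN_PATCH is installed"
    else
        echo "patch:  no MP at or above $MIN_PATCH reported by $bmrd -v" >&2
    fi

    if filter_enabled "$SERVER_ENV"; then
        echo "filter: BMRDfilter=on is set in $SERVER_ENV"
    else
        echo "filter: BMRDfilter=on is NOT set in $SERVER_ENV (fix present but disabled; contact VERITAS Technical Services)" >&2
    fi
    [ "$fixed" = yes ] && filter_enabled "$SERVER_ENV"
}

# Run the live check only when invoked as: sh bmr_check.sh --check
case "${1:-}" in --check) check_server ;; esac
```

Run it as root on each BMR Main Server; a non-zero exit means at least one of the two conditions failed and the server should be treated as unpatched. The filter check deliberately rejects a commented-out "BMRDfilter=on", which is the state an installer that skipped enabling the fix could leave behind.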
Email Notification Service
If you have not automatically received the TechAlert regarding this issue via the VERITAS Email Notification Service for Bare Metal Restore for TSM, please navigate to the following URL and subscribe:
Products Applied:
Bare Metal Restore for TSM 3.1.0, 3.1.1, 3.2.0, 3.2.1
Subjects:
Bare Metal Restore for TSM
Application: Informational, Notification
Languages:
English (US)
Operating Systems:
AIX 4.2.1, 4.3, 4.3.1, 4.3.2, 4.3.3, 5.1
HP-UX 10.2, 11.0, 11.11
Solaris 2.6, 7.0 (32-bit), 8.0 (32-bit)
THE INFORMATION PROVIDED IN THE SYMANTEC SOFTWARE KNOWLEDGE BASE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. SYMANTEC SOFTWARE DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL SYMANTEC SOFTWARE OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF SYMANTEC SOFTWARE OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY.