[+]
SORT Support
[+]
SORT Suggestions
/ Downloads / Patches / Patch Detail
This page lists publically-released Symantec patches. For information on private patches, contact Symantec Technical Support.
Patches for your product can have a variety of names. These names are based on product, component, or package names. For more information on patch naming conventions and the relationship between products, components, and packages, see the SORT online help.
vea-5.1SP2HF_3_3_1068_0b_2372164
Sign in if you want to rate this patch.

 Basic information
Patch type: Hot Fix
Release date: 2011-08-31
Technote: TECH165536-Symantec Veritas Enterprise Administrator service (vxsvc) multiple buffer overflows
Documentation: None
Popularity: 1026 viewed    321 downloaded
Download size: 3 MB
Checksum: 661808000

 Applies to one or more of the following products:
Veritas Storage Foundation 5.1SP2 On Windows 32-bit
Veritas Storage Foundation 5.1SP2 On Windows IA64
Veritas Storage Foundation 5.1SP2 On Windows x64
Veritas Storage Foundation HA 5.1SP2 On Windows 32-bit
Veritas Storage Foundation HA 5.1SP2 On Windows IA64
Veritas Storage Foundation HA 5.1SP2 On Windows x64

 Obsolete patches, incompatibilities, superseded patches, or other requirements:
None.

 Fixes the following incidents:
2372164

 Patch ID:
None.

 Readme file  [Save As...]
Date: 2011-08-29
OS: Windows
OS Version: 2003, 2008
Packages: Hotfix_3_3_1068b_2372164_x86.exe, Hotfix_3_3_1068b_2372164_x64_IA64.exe
Etrack Incidents: 2372164

Errors/Problems Fixed
----------------------+
VEA service(vxsvc) running on port 2148 crashes and dumps core.

Overview
---------
Veritas Enterprise Administrator service (vxsvc) is prone to buffer overflows which may result in a crash.


Resolution
-----------
Code was modified to validate the data packets received over the network and reject the malformed packet(s).


Fixes Applied for Products
--------------------------+
- Storage Foundation for Windows 5.1 SP2
- Storage Foundation and High Availability for Windows 5.1 SP2


Install/Uninstall Instructions
------------------------------+
This package contains self-extracting files that are specific to the processor architecture.
Download the appropriate hotfix executable to a temporary location on your system.
You can install this hotfix using the GUI or from the command line.
Instructions for both options are provided below.

Each self-extracting file includes the following updated file(s):

=====================================
Filename           |    Version     |
=====================================
vxveautil.dll      |   3.3.1068.0   |
vxvea3.dll         |   3.3.1068.0   |
vxpal3.dll         |   3.3.1068.0   |
-------------------------------------


Before you begin
-----------------
1] On Windows Server 2003, this hotfix requires Microsoft Core XML Services (MSXML) 6.0 pre-installed in your setup. Download and install MSXML 6.0 before installing the hotfix.
Refer to the following link for more information:
http://www.microsoft.com/downloads/details.aspx?FamilyId=993c0bcf-3bcf-4009-be21-27e85e1857b1&displaylang=en

Microsoft posted service pack and/or security updates for Core XML Services 6.0.
Please contact Microsoft or refer to Microsoft website to download and install latest updates to Core XML Services 6.0.
Refer to the following link for more information:
http://www.microsoft.com/downloads/details.aspx?FamilyId=70C92E77-9E5A-41B1-A9D2-64443913C976&displaylang=en

2] As part of the installation, the hotfix installer stops the clussvc cluster service. If you install this hotfix on the active node, it may cause a failover.

In a Microsoft clustering environment, please install this hotfix on all the passive cluster nodes first. Then switch the service group to one of the passive nodes and then install on the node where the service group was online initially.


To install the hotfix using the GUI
------------------------------------
1. Double click the hotfix executable file to extract the contents to a default location on the cluster node.
On 32-bit systems, the files are extracted to:
"%commonprogramfiles%\Veritas Shared\WxRTPrivates"

On 64-bit systems, the files are extracted to:
"%commonprogramfiles(x86)%\Veritas Shared\WxRTPrivates"

The Hotfix Installer Wizard is automatically launched after the files are extracted.

2. Click "Next" on the Welcome screen. 
The 'Hotfix Installation Task' screen lists the tasks that are performed by the installer.

3. Click "Install Hotfix" to begin the hotfix installation. 
The status of each installation task is updated as it completes.

4. After the tasks are complete, click "Next" and then click "Finish" to complete the installation process.

5. If prompted to restart the server, do so.

6. If this is a clustered configuration (VCS or MSCS), please perform steps 1-5 on all additional nodes in the cluster.


To install the hotfix using the command line
---------------------------------------------
1. At the command prompt, run one of the following commands to extract the hotfix files to the default location:
C:\temp><Hotfix_BuildVersion_IncidentNumber_OS_Platform>.exe /x
or
C:\temp><Hotfix_BuildVersion_IncidentNumber_OS_Platform>.exe /extract

For example, to extract this hotfix on a 32-bit system, the command is:
C:\temp>Hotfix_3_3_1068b_2372164_x86.exe /x

2. From the command prompt, navigate to the default location where the hotfix files are extracted.
On 32-bit systems, the files are extracted to: 
"%commonprogramfiles%\Veritas Shared\WxRTPrivates\<Hotfix_BuildVersion_IncidentNumber>"

On 64-bit systems, the files are extracted to: 
"%commonprogramfiles(x86)%\Veritas Shared\WxRTPrivates\<Hotfix_BuildVersion_IncidentNumber>"

3. At the command prompt, run the following command to install the hotfix: 
VxHF.exe /install:<Hotfix_BuildVersion_IncidentNumber> /silent

Here, <Hotfix_BuildVersion_IncidentNumber> is the name of the hotfix file excluding the OS, platform, and .exe extension.

For example, to install this hotfix on a 32-bit system, the command is:
VxHF.exe /install:Hotfix_3_3_1068b_2372164 /silent

Hotfix Executable Name is Hotfix_3_3_1068b_2372164_x86.exe.
When installing the hotfix, the <Hotfix_BuildVersion_IncidentNumber> name is Hotfix_3_3_1068b_2372164.
(note how the "_x86.exe" is excluded).

4. Follow the instructions displayed in the command prompt to complete the hotfix installation.

5. If prompted to restart the server, do so at this time.

6. If this is a clustered configuration (VCS or MSCS), please perform steps 1-5 on all additional nodes in the cluster.


Additional Notes
----------------+
- To confirm the installation of the hotfix, run the following command:
vxhf.exe /list

The output of this command lists the hotfixes installed on a system.

- For details about a particular hotfix, run the following command:
vxhf.exe /display:<HotfixName>

Here, <HotfixName> is the name of the hotfix file without the platform and the .exe extension.

- The hotfix installer (vxhf.exe) creates and stores logs at:
"%allusersprofile%\Application Data\Veritas\VxHF"

- For general information about the hotfix installer (vxhf.exe), please refer to the following technote:
http://www.symantec.com/business/support/index?page=content&id=TECH73446

- To view a list of hotfixes already installed on a system, please refer to the steps mentioned in the following technote: 
http://www.symantec.com/business/support/index?page=content&id=TECH73438

- For information on uninstalling a hotfix, please refer to the steps mentioned in the following technote: 
http://www.symantec.com/business/support/index?page=content&id=TECH73443


DISCLAIMER
----------+
It is recommended that the fix be evaluated in a test environment before implementing it in your production environment. When the fix is incorporated into a Storage Foundation for Windows maintenance release, the resulting Hotfix or Service Pack must be installed as soon as possible. Symantec Technical Services will notify you when the maintenance release (Hotfix or Service Pack) is available.



Feedback
Click here to rate this page

Read and accept Terms of Service