Forum Discussion

  • Hello - 

    We are currently on 9.1.0.1

    I was informed to run the latest Veritas Update for 9.1.0.1 - NetBackup 9.1.0.1 / 4.1.0.1 Hotfix - MSDP Preferred EEB Bundle (Etrack 4047040)

    This was added to the Veritas Support on 5/13/2024 - yesterday.

    We dont use MSDP.  I installed it on a Test Netbackup client that is showing the HIGH vulnerability but it did nothing.  Seem like it skipped pretty much everything.  

    So is the alternative to fix/clear the vulnerability for no permissions on C:\ProgramData\boost_interprocess

    Is to give the local Administrator account FULL access only or ?

     

    Thanks

    BC

     

    • Vincent_L's avatar
      Vincent_L
      Level 3
      I also applied the EEB fix for clients 10.0.0.1 and still being flagged out by the scanner.

      Seems like only way is to upgrade to min 10.1.1 and apply the fix or apply the mitigation.
      • bc1410's avatar
        bc1410
        Level 6

        I was told by Veritas that can change the permission on the "C:\ProgramData\boost_interprocess " so that non-administrator users cannot access the boost_interprocess directory.  

        Veritas stated that this will not clear the vuln from security center and that we would probably need to recast the vulnerability in security center

  • the recommended is to upgrade to minimum 10.1.1 and apply msdp bundle eeb for that version on your windows servers.(execpt for 10.4 which doesn't require any eeb installation).

    otherwise, as it is described in the article the mitigation step is to restrict  access to the boost_interprocess directory (C:\ProgramData\boost_interprocess) to local administrator users only

    • Vincent_L's avatar
      Vincent_L
      Level 3
      How about those Master servers, ops centre running on Windows and on version 10.1.1? Needs to apply the EEB as well?
      • Hamza_H's avatar
        Hamza_H
        Moderator

        Hi  Vincent,

        as it is stated in the article by veritas:

        Affected Components: Only on Microsoft Windows Operating Systems - Primary Server, Media Server and Clients
        Affected Versions: 10.3.0.1, 10.3, 10.2.0.1, 10.2, 10.1.1, 10.1, 10.0.0.1, 10.0, 9.1.0.1, 9.1, 8.3.0.2.
                 Note: Older unsupported versions may also be affected.

        Recommended Action:

        Mitigation:  Restrict access to the boost_interprocess directory (C:\ProgramData\boost_interprocess) to local administrator users only

         

        so for 10.1.1 you need to install the MSDP bundle on all servers concerned (master, media & clients).

  • Thanks Jnardello for the reply.

    So for that upgradation is the only option or can we prevent this from client end to change any settings on OS level.

  • If you are still running 8 year old NetBackup software, let alone an OS that is still supported, this advisory is probably a drop in the bucket.

    Yes client-side deduplication was a feature under v7.7.3, so yes you're probably vulnerable.

    Yes, you should be telling your Management that clients that insist on running the legacy OSes that still require versions this old are massive security risks, are unsupported by the involved Vendors, and should be shutdown for the safety (and sanity) of everyone.