cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Veritas.com
Support

Searching for more info on BPCD Vulnerabilities

Jason_Voyles
Level 4

‎12-14-2006 01:08 PM

Here is a link to the Symantec release made yesterday:
http://www.symantec.com/avcenter/security/Content/2006.12.13a.html

Here's a link to Security Focus's database entry:
http://www.securityfocus.com/bid/21565


The problem I see, is that it doesn't reference what OS the problem applies to. It also doesn't go in depth into what versions are Vulnerable, and instead only says the specific version that are safe.

If anyone has more information on this exploit and can tell us if Windows boxes are affected or any other in formation, please post it, it will help in our patch cycle assessment. Thank you.
(BTW.. The phone banks are Swamped right now.)
0 Kudos
4 REPLIES 4

DavidParker
Level 6

‎12-14-2006 01:14 PM

Jason,
The 'Platforms' column in the table a little ways down is where you find the OS's affected.
It says that ALL OS's are afftected.
It also says that ALL versions of NBU are affected.

Take a look through the tech note about it:
http://entsupport.symantec.com/docs/285082

So, Yes, Windows systems are affected.
0 Kudos

Jason_Voyles
Level 4

‎12-14-2006 02:20 PM

Yep. I called the support and they updated the text of the document to reflect it clearer. Once I got someone on the phone, it only took them about 5 minutes to update the document. Unfortunately it doesn't help with our parching. Whelp.. that's why I have a job I guess. Guh.. off to work testing & patching..
0 Kudos

Dennis_Strom
Level 6

‎12-14-2006 04:21 PM

run ipfilter on the your machines then you "only" have to worry about local exploints.
0 Kudos

h_m
Level 6

‎12-14-2006 11:37 PM

You still get vm.conf's on Windows, as Davis said, so need to take that into consideration.

I dont quite understand what happens with 6.x though, as when you upgrade it changes the vm.conf a bit and also moves it into emm, leaving a copy on the host (for rollbacak purposes i think) but I'm not sure if it still relies on it (with NBU 6.0). Anyone confirm this?
0 Kudos