cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Veritas.com
Support

Security Advisory affecting NetBackup on Windows--Issue: Arbitrary File Delete

fb1
Level 2

2 weeks ago

Hello Team,

Security Advisory affecting NetBackup on Windows--Issue: Arbitrary File Delete ---any impact on Netbackup version 7.7.3 & lower versions.

Below is the reference article:

https://www.veritas.com/support/en_US/security/VTS24-001

0 Kudos
6 REPLIES 6

jnardello
Moderator
Moderator
   VIP    Certified

2 weeks ago

If you are still running 8 year old NetBackup software, let alone an OS that is still supported, this advisory is probably a drop in the bucket.

Yes client-side deduplication was a feature under v7.7.3, so yes you're probably vulnerable.

Yes, you should be telling your Management that clients that insist on running the legacy OSes that still require versions this old are massive security risks, are unsupported by the involved Vendors, and should be shutdown for the safety (and sanity) of everyone.

fb1
Level 2

a week ago

Thanks Jnardello for the reply.

So for that upgradation is the only option or can we prevent this from client end to change any settings on OS level.

0 Kudos

StefanosM
Level 6
Partner    VIP    Accredited Certified

a week ago

I'm not sure that is present at 7.7.3.
It it is, you can try to stop and disable the "NetBackup Deduplication Multi-Threaded Agent" service
https://www.veritas.com/support/en_US/article.100038632

or check for "Configuring the Deduplication Multi-Threaded Agent behavior" at the deduplication guide of 7.7.3

0 Kudos

Hamza_H
Moderator
Moderator
   VIP   

a week ago - last edited a week ago

the recommended is to upgrade to minimum 10.1.1 and apply msdp bundle eeb for that version on your windows servers.(execpt for 10.4 which doesn't require any eeb installation).

otherwise, as it is described in the article the mitigation step is to restrict  access to the boost_interprocess directory (C:\ProgramData\boost_interprocess) to local administrator users only

0 Kudos

Vincent_L
Level 3
In response to Hamza_H

Thursday

How about those Master servers, ops centre running on Windows and on version 10.1.1? Needs to apply the EEB as well?
0 Kudos

Hamza_H
Moderator
Moderator
   VIP   
In response to Vincent_L

Thursday

Hi  Vincent,

as it is stated in the article by veritas:

Affected Components: Only on Microsoft Windows Operating Systems - Primary Server, Media Server and Clients
Affected Versions: 10.3.0.1, 10.3, 10.2.0.1, 10.2, 10.1.1, 10.1, 10.0.0.1, 10.0, 9.1.0.1, 9.1, 8.3.0.2.
         Note: Older unsupported versions may also be affected.

Recommended Action:

Mitigation:  Restrict access to the boost_interprocess directory (C:\ProgramData\boost_interprocess) to local administrator users only

 

so for 10.1.1 you need to install the MSDP bundle on all servers concerned (master, media & clients).

0 Kudos