Veritas-bu

[Veritas-bu] qualys vulnerability

2007-03-05 11:01:46
Subject: [Veritas-bu] qualys vulnerability
From: mike_heck at symantec.com (Mike Heck)
Date: Mon, 5 Mar 2007 10:01:46 -0600
All,

I have done further looking into this issue on the NetBackup side. In
recent months NetBackup has begun including a static string in the
binary files sent out with each patch. This string will appear as
"NetBackup_51MP6" or "NetBackup_51_MP6"; this is to assist in the
versioning process. In addition, we have always updated a patch file on
the servers that have been patched.

How is Qualys determining that there is an existing vulnerability? Are
they running tests on the executable, checking a database against a
checksum, checking file size and creation date, or looking for a static
string in the file? If, as Ed stated, they are basing the alert on a
string they get back from the current bpjava-msvc, then anyone at 5.1MP6
can verify by running `strings | grep NetBackup` on the bpjava-msvc file.

The way Symantec/VERITAS has dealt with these issues in the past and
will continue to deal with them in the future is by issuing techalerts
and technotes like these for the upcoming Daylight Savings Time change:
http://support.veritas.com/docs/286772
http://support.veritas.com/docs/286497

Thank you,
Mike Heck
Symantec, NetBackup
Customer Focus Team Member
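
The check described in the message above, as an added example that is not part of the original post and is not Symantec tooling: it pulls the embedded patch tag out of a binary and compares it with an expected level, treating the two spellings quoted in the post as equivalent. The function names, the tag pattern, and the sample bytes standing in for bpjava-msvc are assumptions constructed for illustration, and `grep -a` is used in place of `strings` so it runs without binutils.

```sh
#!/bin/sh
# Added example. Tag format assumed from the two spellings quoted in the
# post: NetBackup_51MP6 and NetBackup_51_MP6.

# Print each distinct patch tag found in a binary, normalised to e.g. 51MP6.
nbu_patch_tag() {
    LC_ALL=C grep -aoE 'NetBackup_[0-9]+_?MP[0-9]+' "$1" 2>/dev/null |
        sed -e 's/^NetBackup_//' -e 's/_//g' | sort -u
}

# Exit 0: the expected tag is present.
# Exit 1: only other tags are present.
# Exit 2: no tag at all. This is inconclusive, since the post says the
#         string is only included in binaries shipped in recent patches.
nbu_at_level() {
    want=$(printf '%s' "$2" | sed -e 's/^NetBackup_//' -e 's/_//g')
    found=$(nbu_patch_tag "$1")
    [ -n "$found" ] || return 2
    printf '%s\n' "$found" | grep -qxF "$want"
}

# Constructed sample bytes, not a real NetBackup binary.
nbu_demo() {
    sample=$(mktemp)
    printf '\177ELF\000\001junk\000NetBackup_51_MP6\000more\000' > "$sample"
    rc=0
    nbu_at_level "$sample" NetBackup_51MP6 || rc=$?
    rm -f "$sample"
    return "$rc"
}

if nbu_demo; then
    echo "constructed sample reports 51MP6"
fi
```

On a real host the first argument would be the path to the installed bpjava-msvc file; the result only reflects the string in the file on disk, not what a remote scanner receives from the service.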

