* ____________________________________________________________________________ * * ID: 33 * PRODUCT: AXWBAS * RELEASE: 11.1 * DESC: NT -DISCOVERY SERVICE SECURITY UPDATE- 64 BIT * SYSTEMS AFFECTED: NT * SOLUTION TEXT: PRODUCT: BAB Windows Common RELEASE: 11.1 APAR #: QO64711 DATE: 25 FEB 2005 PROBLEM DESCRIPTION: NT -DISCOVERY SERVICE SECURITY UPDATE- 64 BIT ---------------------------------------------------- ***NOTE*** This PTF supersedes QO62991 which has been withdrawn ***NOTE*** This PTF supersedes QO62990 which has been withdrawn This update addresses potential security vulnerabilities caused by a buffer overflow condition in the ARCserve Discovery Service. This patch should be applied to all Windows systems where any 64 bit agents or components are installed for ARCserve v9, r11.0, or r11.1. This update is a cumulative patch and supersedes QO62990, which addressed a different vulnerability in the discovery service,originally reported by iDEFENSE . PREREQS: None MPREREQS: None COREQS: None MCOREQS: None SUPERSEDED: QO62990 HYPER: YES DISTRIBUTION CODE: A (A=Available, I=Internal) PROBLEM RESOLUTION: Follow the instructions below: This fix Supersedes the following : QO62990 This fix requires BrightStor ARCserve Backup Release 11 to be installed. 1. Shutdown all BrightStor ARCserve Backup services. 2. Unzip the fix file as follows: CAZIPXP -U QO64711.CAZ 3. Run BAB64bit_discovery.exe to extract the install files. The default location it will extract the files to is c:\BAB64bit_discovery. 4. From this directory, run setup.exe PRODUCT(S) AFFECTED: BrightStor ARCserve Backup for Windows Release 11.1 DOWNLOAD INFORMATION: --------------------- NODE: ftp.ca.com PATH: /CAproducts/unicenter/AXWBAS/nt/GA/QO64711 FILES: QO64711.DFC QO64711.CAZ UPDATED ROUTINES: --------------- BAB64bit_discovery.exe 7763464 FRI FEB 25 10:55:30 2005 * ____________________________________________________________________________ * * NT VERSION: 0 EFFECTIVE: 02/25/2005 ACTION: A *** NO ZAPS FOR THIS VERSION ***