Symantec Response
Symantec takes the security of our products and our customers very seriously. Symantec engineers have verified and corrected these issues in all currently supported vulnerable versions of Symantec's Veritas Volume Replicator.
Updates are available for all supported products. Symantec recommends customers apply the latest product update available for their supported product versions to enhance their security posture and protect against potential security threats of this nature.
To determine if the VVR option is installed on a system
Symantec Veritas Storage Foundation Suite for Windows:
- from a command prompt, run the command "vxrvg.exe", as system or domain administrator
- if the command is NOT found, the VVR option is not installed and the system is not vulnerable
- if the command IS found, the system is vulnerable and the appropriate solution should be applied
Symantec Veritas Storage Foundation Suite for *nix platforms
- run the command: /sbin/vxlictest -n "VERITAS Volume Manager" -f "VVR" as root
- if the license is NOT found, the VVR option is not installed and the system is not vulnerable
- if the license IS found, the system is vulnerable and the appropriate solution should be applied
Note: Should a customer determine at a later date to install the VVR option, the appropriate updates must be applied.
Symantec knows of no exploitation of or adverse customer impact from this issue.
The location for patches listed above for affected products can be found in the following:
http://support.veritas.com/docs/286807
Best Practices
As part of normal best practices, Symantec strongly recommends:
- Restrict access to administration or management systems to privileged users.
- Restrict remote access, if required, to trusted/authorized systems only.
- Run under the principle of least privilege where possible to limit the impact of exploit by threats.
- Keep all operating systems and applications updated with the latest vendor patches.
- Follow a multi-layered approach to security. Run both firewall and anti-malware applications, at a minimum, to provide multiple points of detection and protection to both inbound and outbound threats.
- Deploy network and host-based intrusion detection systems to monitor network traffic for signs of anomalous or suspicious activity. This may aid in detection of attacks or malicious activity related to exploitation of latent vulnerabilities
Thanks for your feedback. Let us know if you have additional comments below. (requires login)