IBM Security Virtual Server Protection for VMware 1.1.1.0 ===================================================================== Last modified: 05/16/2013 PLEASE READ THIS DOCUMENT IN ITS ENTIRETY. © Copyright IBM Corporation 2009, 2013. U.S. Government Users Restricted Rights - Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp. ===================================================================== CONTENTS ===================================================================== - Description - Compatibility - Applying the Update - MD5 of included files - TECHNICAL SUPPORT - Reporting product issues DESCRIPTION ===================================================================== This patch contains enhancements for IBM Security Virtual Server Protection for VMware V1.1.1.0 Details -------- This patch fixes the issue where IBM Security Virtual Server Protection for VMware System can be affected by several vulnerabilities in OpenSSL. These vulnerabilities include obtaining sensitive information and denial of service vulnerabilities that could be exploited remotely by an attacker. In the case of IBM Security Virtual Server Protection for VMware System, SSH can be affected by the vulnerabilities. Further, for these vulnerabilities, no authentication is required, the vulnerability is remotely exploitable, and no specialized knowledge is required. (CVE-2013-0169, CVE-2013-0166, and CVE-2011-4354) This patch also incorporates fixes previously released for IBM Security Virtual Server Protection for VMware V1.1.1.0 as follows: + The iptables on the security virtual machine (SVM) block traffic on eth1 interface, which is used by the anti-rootkit module to communicate with the ESX host to perform rootkit detection. COMPATIBILITY ===================================================================== This update applies only to: IBM Security Virtual Server Protection for VMware V1.1.1.0. APPLYING THE UPDATE ===================================================================== To apply the update: Important: You must have root user permissions to perform the steps in this procedure. Prerequisite: All guest VMs on the ESX/ESXi host must be migrated to another host to ensure business continuity. If the guest VMs are not migrated, then you must shut them down before you follow these instructions. These instructions assume that VSP V1.1.1.0 is running on the ESX/ESXi host. 1. Copy the patch file to the /root directory of the SVM (1.1.1.2-ISS-VSP-svm-FP002.sh). 2. On the SVM, run the patch installation script: sh 1.1.1.2-ISS-VSP-svm-FP002.sh TROUBLESHOOTING ===================================================================== Refer to the following Technote for troubleshooting information if the procedure is not successful: http://www-01.ibm.com/support/docview.wss?uid=swg21610899 MD5 OF INCLUDED FILES ===================================================================== 2C0A643F96F31D594EA2DB7B82E713A8 1.1.1.2-ISS-VSP-svm-FP002.sh TECHNICAL SUPPORT FOR NORTH AMERICA ===================================================================== IBM SECURITY SYSTEMS provides technical support to customers that are entitled to receive support. The IBM Support Portal -------- Before you contact IBM SECURITY SYSTEMS about a problem, see the IBM Support Portal at http://www.ibm.com/software/support The IBM Software Support Guide -------- If you need to contact technical support, use the methods described in the IBM Software Support Guide at http://www14.software.ibm.com/webapp/set2/sas/f/handbook/home.html The guide provides the following information: - Registration and eligibility requirements for receiving support - TECHNICAL SUPPORT telephone numbers for the country in which you are located - Information you must gather before contacting TECHNICAL SUPPORT INFORMATION REQUIRED FOR REPORTING PRODUCT ISSUES ===================================================================== If you encounter a problem with this product, please make notes that are as detailed as possible about the following: - Version of IBM Security Virtual Server Protection for VMware - IBM Security Virtual Server Protection for VMware configuration - Network deployment - Specific failure symptoms or undesirable behavior This information helps us reproduce the problem and resolve it as quickly as possible.