|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: system PRIVILEGED account (root_at_stage1.cxo.cpqcorp.net)
Date: Wed Oct 09 2002 - 06:30:02 CDT
*******************************************************************************
* *
* This is a newly released patch... *
* *
* Online links can be found at *
* http://ftp.support.compaq.com/patches/public/windows/pc/v4.0/prs/4.5/csg45sp2.README
*******************************************************************************
TITLE: PRS V4.5] csg45sp2 Proactive Remote Service (Windows) ECO Summary
*PRS V4.5] csg45sp2 Proactive Remote Service (Windows) ECO Summary
New Kit Date: 04-OCT-2002
Modification Date: Not Applicable
Modification Type: NEW KIT
Copyright (c) Compaq Computer Corporation 2001,2002. All rights reserved.
PRODUCT: Proactive Remote Service V4.5 for Windows
OP/SYS: Windows NT
Windows 2000
SOURCE: Compaq Computer Corporation
ECO INFORMATION:
ECO Kit Name: csg45sp2
csg45sp2.exe
ECO Kits Superseded by This ECO Kit: None
ECO Kit Approximate Size: 11719 Blocks
Kit Applies To: Proactive Remote Service V4.5
Windows NT 4.0 and Windows 2000
System/Cluster Reboot Necessary: Information Not Available
Rolling Re-boot Supported: Information Not Available
Installation Rating: INSTALL_UNKNOWN
Kit Dependencies:
The following remedial kit(s) must be installed BEFORE
installation of this kit:
None
In order to receive all the corrections listed in this
kit, the following remedial kits should also be installed:
None
ECO KIT SUMMARY:
An ECO kit exists for Proactive Remote Service V4.5 on Windows NT
and Windows 2000.
Welcome to PRS 4.5 Service Pak 2 for customer service gateways.
NOTE: Service Pak 1 is not required if you are installing Service Pak 2,
because Service Pak 2 also includes all of the updates contained in
Service Pak 1.
*** Summary ***
A potential PRS vulnerability has been reported where, under certain
circumstances, non-privileged users may gain unauthorized access to
privileged files through the CRSM web interface. This vulnerability may
introduce local and remote security domain risks.
Service Pak 2 removes the vulnerability and prevents the associated
unauthorized access.
*** Prerequisites ***
Make sure the following prerequisites are ready before installing Service
Pak 2:
* The system must be a PRS customer service gateway (CSG).
* Version 4.5 must already be installed. To verify, go to
Start | Settings | Control Panel. Under Add/Remove Programs, check
for the "Compaq Remote Support Services 4.5" entry.
* If Service Pak 1 was already installed, uninstall it before adding
Service Pak 2.
To verify, open the CRSM viewer (Start | Programs | Compaq Remote
Support Module 4.5 | CRSM Viewer) and check for "SP1" in the upper
right portion of the display. Uninstall SP1 by rerunning the
CSG45SP1.exe file.
* The WorldWire component must be present. To verify, check for menu
options under Start | Programs | WorldWire.
* The Compaq Remote Support Module (CRSM) component must be present. To
verify, check for menu options under Start | Programs | Compaq Remote
Support Module 4.5.
It does not matter if any PRS services are running when the update is
installed, but be aware that all running PRS services will be temporarily
stopped during the update.
Service Pak 2 addresses a security vulnerability where, under certain
circumstances, non-privileged users may gain unauthorized access to
privileged files through the CRSM web interface.
Service Pak 2 also addresses the following issues that were included in
Service Pak 1. You do not need to install SP1. Furthermore, you must
uninstall SP1 (if it was installed) before adding SP2.
* CRSM now supports extended SNMP GETS, which provide increased service
context information.
* A problem with the crsm.exe process stopping and generating a Dr.
Watson error log during simulated notifications has been corrected.
(PTR 91-19-526)
Engineers were purposely crashing an HSG controller attached to a
SANworks Management Appliance (SWMA) running V4.5 and WEBES V4.0.
Forcing the controller to crash showed normal event notification in
the SWMA OSM Element Manager, and the event also appeared in the
application event log. Then, the application event log would show an
immediate Dr. Watson entry stating that crsm.exe had crashed. The
crash was caused by a buffer over-run inside of one of the JNI DLLs
used by the CRSM process.
* Remote access to CRSM through WorldWire is now working.
(PTR 91-19-635)
The previous WorldWire incoming TransPortal file
(DsntransportalIn.exe) on the CSG included HTTP headers that were
preventing service providers from remotely running CRSM via Service
Cockpit.
* The CRSM notification page now displays the correct local system name
instead of a name that shows the name of the service provider
gateway. (PTR 91-19-636)
WorldWire associates the service provider system name with the local
IP address in the Windows driver\etc\hosts file so that the
TransPortal listener can accept a request locally. Requests for the
local host name through the Java API (getHostName()) were producing
the "associated" WorldWire name instead of the primary local name.
SP1 bypasses Java and uses a JNI call to get the primary name for the
given IP address.
* Issues related to incoming notifications that did not open a case on
the call handling system (CHS) have been closed. (PTR 91-19-648)
This problem can occur when a customer Access ID is valid for PRS at
the service provider gateway (valid for WorldWire) but not at the CHS
itself. Errors indicated that there was no record in the CHS database
that corresponded to the Access ID.
*** File Replacement ***
This Service Pak installs new versions of the following files:
C:\Program Files\Compaq\Compaq Remote Support Module 4.5\CRSM.exe
C:\Program Files\Compaq\Compaq Remote Support Module 4.5\html\logo.htm
C:\Program Files\Compaq\Compaq Remote Support Module 4.5\snmpJNI.dll.dll
C:\Program Files\Compaq\DSN\EXE\DSNTransportalIN.exe
Before replacement, the Service Pak backs up the older version of each
file as follows:
C:\Program Files\Compaq\Compaq Remote Support Module 4.5\BACKUPCRSM.exe
C:\Program Files\Compaq\Compaq Remote Support Module
4.5\html\BACKUPlogo.htm
C:\Program Files\Compaq\Compaq Remote Support Module 4.5\BACKUPsnmpJNI.dll
C:\Program Files\Compaq\DSN\EXE\BACKUPDSNTransportalIN.exe
Uninstalling the Service Pak deletes the new files and restores the
backups to their original file names.
Service Pak 1 addresses the following:
o CRSM now supports extended SNMP GETS, which provide increased service
context information.
o A problem with the crsm.exe process stopping and generating a Dr.
Watson error log during simulated notifications has been corrected.
(PTR 91-19-526)
Engineers were purposely crashing an HSG controller attached to a
SANworks Management Appliance (SWMA) running V4.5 and WEBES V4.0.
Forcing the controller to crash showed normal event notification in
the SWMA OSM Element Manager, and the event also appeared in the
application event log. Then, the application event log would show an
immediate Dr. Watson entry stating that crsm.exe had crashed. The
crash was caused by a buffer over-run inside of one of the JNI DLLs
used by the CRSM process.
o An issue with not being able to restrict client access to CRSM is
resolved. (PTR 91-19-629)
CRSM was remaining accessible from any browser on the network even
though Program Files\Compaq\Compaq Remote Support Module
4.5\hosts.txt was properly configured. This relates to an operator
configuration setting. Administrators need to add the service
provider gateway external IP address to the list of authorized hosts
for IIS on the machine hosting CRSM. This is configured using the IIS
snap-in through the IP Address and Domain Name Restrictions dialog on
the Directory Security tab.
o Remote access to CRSM through WorldWire is now working.
(PTR 91-19-635)
The previous WorldWire incoming TransPortal file
(DsntransportalIn.exe) on the CSG included HTTP headers that were
preventing service providers from remotely running CRSM via Service
Cockpit.
o The CRSM notification page now displays the correct local system name
instead of a name that shows the name of the service provider
gateway. (PTR 91-19-636)
WorldWire associates the service provider system name with the local
IP address in the Windows driver\etc\hosts file so that the
TransPortal listener can accept a request locally. Requests for the
local host name through the Java API (getHostName()) were producing
the "associated" WorldWire name instead of the primary local name.
SP1 bypasses Java and uses a JNI call to get the primary name for the
given IP address.
o Issues related to incoming notifications that did not open a case on
the call handling system (CHS) have been closed. (PTR 91-19-648)
This problem can occur when a customer Access ID is valid for CPRS at
the service provider gateway (valid for WorldWire) but not at the CHS
itself. Errors indicated that there was no record in the CHS database
that corresponded to the Access ID.
INSTALLATION NOTES:
Follow these steps to install the update:
1. Download the file CSG45SP2.exe to a directory on the customer service
gateway.
2. Run the file. You can double click its icon in the Windows Explorer
window or choose Start | Run, for example.
3. Follow the prompts that appear in the dialogs.
*** Post-Installation ***
For any web browser pointing to CRSM on the upgraded customer service
gateway, clear the browser cache according to the appropriate procedure
for that web browser.
*** Verifying the Update ***
If desired, you can verify the update by opening the CRSM viewer
(Start | Programs | Compaq Remote Support Module 4.5 | CRSM Viewer) and
checking for "SP2" in the upper right portion of the display.
*** Uninstalling and Reinstalling ***
If you plan to uninstall PRS 4.5, first uninstall SP2. You can uninstall
the Service Pak by rerunning the CSG45SP2.exe file and following the
dialog prompts.
If you reinstall version 4.5, remember to reinstall the Service Pak as
well.
All trademarks are the property of their respective owners.
---
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]