File Name: IC34618.FIX IBM Director Emergency Fix (eFix) APAR IC34618 For Version 3.1.1 CONTENTS ______________________________________________________________________ 1.0 Overview 2.0 Change History 3.0 Installation Instructions 4.0 Configuration Information 5.0 Unattended Mode 6.0 Web Sites and Support Phone Number 7.0 Trademarks and Notices 8.0 Disclaimer 1.0 Overview ______________________________________________________________________ 1.1 Features or Support added 1.2 Issues Addressed APAR IC34618 - VULNERABLILITY TO CERT ADVISORY CA-2002-03 IBM Director 3.1 has potentially exploitable SNMP buffers. This may cause the remote execution of arbitrary code. 1.3 eFix IC34618 is for the following hardware configurations All 1.4 eFix IC34618 is for the following operating systems Windows 2000 Server Windows 2000 Professional Windows NT 4.0 Server Windows NT 4.0 Workstation 1.5 eFix IC34618 is for the following software configurations Director Server 3.1.1 1.6 Dependencies Windows NT 4.0 Service Pack 6 is required. SNMP Service install is required. 1.7 Limitations Administrator privileges are required. 2.0 Change History ______________________________________________________________________ 2.1 Files Replaced or Added 2.1.1 Windows 2000 and Windows XP Directory of C:\Program Files\Director\classfix\com\ tivoli\twg\snmp\ 09/01/2002 02:40 PM 16,605 TWGSnmpTrapObserver.class 09/01/2002 02:40 PM 2,082 SNMP $TrapFilterListener.class 09/01/2002 02:40 PM 11,781 SNMP.class 09/01/2002 02:40 PM 17,183 SNMPPDU.class Directory of C:Program Files\Director\libs\ 09/14/2002 11:39 PM 356,288 ibmsnmp.jar 2.2 Registry changes made 2.2.2 Windows 2000 and Windows XP HKLM\SYSTEM\CurrentControlSet\Services\.NETFramework \Performance] Library=mscoree.dll Open=OpenCtrs 3.0 Installation Instructions ______________________________________________________________________ 3.1 The primary installation method is to run IC34618.exe. This will automatically extract the necessary files and start the eFix installation process. Follow the prompts to complete the installation. 4.0 Configuration Information ______________________________________________________________________ 4.1 eFix IC34618 is intended for the configurations listed in sections 1.3, 1.4 and 1.5. This eFix is not for use with other versions of the product and may cause serious functionality problems or data loss if misused. Do not install this eFix on versions or configurations other than those listed in this readme. 4.2 eFix Version Information CompID: 5697NFD00 Release: 3.1.1 Level: D0245 Product Code: 0FF3E069-4B9F-4650-93DA-446ABF670D94 5.0 Unattended Mode ______________________________________________________________________ 5.1 Command line parameters 5.1.1 Package For The Web parameters -a Required by PFTW (-a Must appear before eFix parameters) -s Silent PTFW install 5.1.2 eFix parameters -s Silent eFix install -r Reboot the system -v Restart stopped services -d Debug Log -? Display this help message 5.1.3 Examples Silent Install with reboot: IC34618.exe -s -a -s -r Silent Install without reboot: IC34618.exe -s -a -s Silent install with a debug log: IC34618.exe -s -a -s -d c:\\msi.log The -a argument must precede all eFix arguments. All arguments are case sensitive. 6.0 Web Sites and Support Phone Number ______________________________________________________________________ 6.1 IBM Support Web Site http://www.pc.ibm.com/support 6.2 IBM Large Business Soutions Web Site http://www.pc.ibm.com/ww/solutions/large_business/index.html 6.3 IBM Universal Mangeability Web Site http://www.pc.ibm.com/ww/eserver/xseries/systems_management/ nfdir.html 6.4 IBM Universal Manageability Services Website http://www.pc.ibm.com/ww/alliances/lifecycle/ums/index.html 6.5 If you have any questions about this update, or problems applying the update please seek assistance from one of the following support sites. 6.5.1 IBM Director eMail Support http://www.pc.ibm.com/us/desktop/lccm/esupport.html 6.5.2 IBM Director Support Forum http://www7.pc.ibm.com/~UMS 7.0 Trademarks and Notices ______________________________________________________________________ 7.1 The following terms are trademarks of the IBM Corporation in the United States or other countries or both: AIX, IBM, Netfinity, Netfinity Director, Universal Manageability Services, IBM Director, OS/2, RS/6000, LANClient Control Manager, Remote Deployment Manager, Tivoli IT Director, and Tivoli Management Environment 7.2 The following are trademarks of their respective owners: Microsoft, Windows, Windows NT, and the Windows logo are trademarks or registered trademarks of Microsoft Corporation IPX, Novell, and NetWare are trademarks of Novell, Incorporated SCO UnixWare 7 (c) Copyright of Santa Cruz Operation UNIX is a registered trademark in the United States and other countries licensed exclusively through X/Open Company Limited Java and Hot Java are trademarks of Sun Microsystems, Inc Other company, product, and service names may be trademarks or service marks of others. All other brand or product names are trademarks or registered trademarks of their respective holders. 8.0 Disclaimer ______________________________________________________________________ 8.1 THIS DOCUMENT IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IBM DISCLAIMS ALL WARRANTIES, WHETHER EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF FITNESS FOR A PARTICULAR PURPOSE AND MERCHANTABILITY WITH RESPECT TO THE INFORMATION IN THIS DOCUMENT. BY FURNISHING THIS DOCUMENT, IBM GRANTS NO LICENSES TO ANY PATENTS OR COPYRIGHTS. 8.2 Note to U.S. Government Users -- Documentation related to restricted rights -- Use, duplication or disclosure is subject to restrictions set forth in GSA ADP Schedule Contract with IBM Corp.