Hi,
I use the f-secure management suite under Linux Debian 7.4 64bits.
fsaua, fsaus en fspms seems to work correctly, except for virus distribution to workstation.
In the fspms logs I receive a realloc() error :
sudo -u fspms /opt/f-secure/fspms/bin/fsavupd --debug
avmisc seems to be non extract
Sending registeration
Asking latest segmentation rules
Sending update request for avmisc version 1369636185
Sending update request for BLENG version 2013052701
Sending update request for gemdb version 1397198576
Sending update request for hipscfg version 1397212201
Sending update request for idsdb version 1232363088
Sending update request for SCDB3 version 2013071801
Sending update request for SCDB31 version 0
Sending update request for hydrawin version 1397208048
Sending update request for hydralinux version 1397208044
Sending update request for mlcwin version 1391497725
Sending update request for aquawin32 version 1397204042
Sending update request for fsav_900_bin version 1390295866
Sending update request for orsp-win-v2 version 1370467978
Sending update request for litmus-bin version 1394529059
Sending update request for exploitshield_v2 version 1329915224
Sending update request for css_720_bin version 1395139428
Sending update request for aqualnx32 version 1397204108
Sending update request for commtouchunix version 1395063913
Sending update request for fmlibunix version 1396531743
Sending update request for fsav_1000_bin version 1396533212
Sending update request for fsav_1100_bin version 1396533309
Sending update request for hipsn version 1393853040
Sending update request for nifbin version 1396349931
Sending update request for lynx-windows version 0
Sending update request for sidegrade version 1391674522
Requesting AUA to perform immediate update
Received segrules
Received packet UPDATE_REQUEST_OK, avmisc version 1369636185
Received packet UPDATE_REQUEST_OK, BLENG version 2013052701
Received packet UPDATE_REQUEST_OK, gemdb version 1397198576
Received packet UPDATE_REQUEST_OK, hipscfg version 1398216600
Received packet UPDATE_REQUEST_OK, idsdb version 1232363088
Received packet UPDATE_REQUEST_OK, SCDB3 version 2013071801
Received packet UPDATE_REQUEST_OK, SCDB31 version 0
Received packet UPDATE_REQUEST_OK, hydrawin version 1398417652
Received packet UPDATE_REQUEST_OK, hydralinux version 1398417648
Received packet UPDATE_REQUEST_OK, mlcwin version 1391497725
Received packet UPDATE_REQUEST_OK, aquawin32 version 1398640671
Received packet UPDATE_REQUEST_OK, fsav_900_bin version 1390295866
Received packet UPDATE_REQUEST_OK, orsp-win-v2 version 1370467978
Received packet UPDATE_REQUEST_OK, litmus-bin version 1398327260
Received packet UPDATE_REQUEST_OK, exploitshield_v2 version 1329915224
Received packet UPDATE_REQUEST_OK, css_720_bin version 1395139428
Received packet UPDATE_REQUEST_OK, aqualnx32 version 1398640714
Received packet UPDATE_REQUEST_OK, commtouchunix version 1395063913
Received packet UPDATE_REQUEST_OK, fmlibunix version 1398250516
Received packet UPDATE_REQUEST_OK, fsav_1000_bin version 1398250783
Received packet UPDATE_REQUEST_OK, fsav_1100_bin version 1398255865
Received packet UPDATE_REQUEST_OK, hipsn version 1393853040
Received packet UPDATE_REQUEST_OK, nifbin version 1396349931
Received packet UPDATE_REQUEST_OK, lynx-windows version 0
Received packet UPDATE_REQUEST_OK, sidegrade version 1391674522
Download complete for hipscfg version 1398216600, OK
Republishing update...running /opt/f-secure/fsaus/bin/bwadmin with args:
0: /opt/f-secure/fsaus/bin/bwadmin
1: addsubchannel
2: -name
3: DB Updates
4: -q
running /opt/f-secure/fsaus/bin/bwadmin with args:
0: /opt/f-secure/fsaus/bin/bwadmin
1: addexpgroup
2: -scname
3: DB Updates
4: -name
5: Main
6: -q
running /opt/f-secure/fsaus/bin/bwadmin with args:
0: /opt/f-secure/fsaus/bin/bwadmin
1: set_segrules
2: -path
3: /tmp/fsauasc_72ed_segrules
4: -q
running /opt/f-secure/fsaus/bin/bwadmin with args:
0: /opt/f-secure/fsaus/bin/bwadmin
1: add_prs
2: -scname
3: DB Updates
4: -egname
5: Main
6: -localdir
7: /tmp/fsauasc_72ed
8: -q
OK
*** glibc detected *** /opt/f-secure/fsaua/bin/fsauasc: realloc(): invalid next size: 0x0000000001784c60 ***
======= Backtrace: =========
/lib/x86_64-linux-gnu/libc.so.6(+0x76d76)[0x7f124eb08d76]
/lib/x86_64-linux-gnu/libc.so.6(+0x7ca4c)[0x7f124eb0ea4c]
/lib/x86_64-linux-gnu/libc.so.6(realloc+0xf0)[0x7f124eb0ed60]
/opt/f-secure/fsaua/bin/fsauasc[0x412e05]
/opt/f-secure/fsaua/bin/fsauasc[0x4132cb]
/opt/f-secure/fsaua/bin/fsauasc[0x41340b]
/opt/f-secure/fsaua/bin/fsauasc(fsl_unix_socket_readwrite_cb+0x9b)[0x4178fb]
/opt/f-secure/fsaua/bin/fsauasc[0x40fb9b]
/opt/f-secure/fsaua/bin/fsauasc[0x4101bd]
/opt/f-secure/fsaua/bin/fsauasc[0x404580]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xfd)[0x7f124eab0ead]
/opt/f-secure/fsaua/bin/fsauasc[0x40322a]
======= Memory map: ========
00400000-00434000 r-xp 00000000 08:01 1700871 /opt/f-secure/fsaua/bin/fsauasc
00534000-00535000 rw-p 00034000 08:01 1700871 /opt/f-secure/fsaua/bin/fsauasc
01783000-017a5000 rw-p 00000000 00:00 0 [heap]
7f1248000000-7f1248021000 rw-p 00000000 00:00 0
7f1248021000-7f124c000000 ---p 00000000 00:00 0
7f124e87c000-7f124e891000 r-xp 00000000 08:01 1177348 /lib/x86_64-linux-gnu/libgcc_s.so.1
7f124e891000-7f124ea91000 ---p 00015000 08:01 1177348 /lib/x86_64-linux-gnu/libgcc_s.so.1
7f124ea91000-7f124ea92000 rw-p 00015000 08:01 1177348 /lib/x86_64-linux-gnu/libgcc_s.so.1
7f124ea92000-7f124ec14000 r-xp 00000000 08:01 1181072 /lib/x86_64-linux-gnu/libc-2.13.so
7f124ec14000-7f124ee13000 ---p 00182000 08:01 1181072 /lib/x86_64-linux-gnu/libc-2.13.so
7f124ee13000-7f124ee17000 r--p 00181000 08:01 1181072 /lib/x86_64-linux-gnu/libc-2.13.so
7f124ee17000-7f124ee18000 rw-p 00185000 08:01 1181072 /lib/x86_64-linux-gnu/libc-2.13.so
7f124ee18000-7f124ee1d000 rw-p 00000000 00:00 0
7f124ee1d000-7f124ee1f000 r-xp 00000000 08:01 1181086 /lib/x86_64-linux-gnu/libdl-2.13.so
7f124ee1f000-7f124f01f000 ---p 00002000 08:01 1181086 /lib/x86_64-linux-gnu/libdl-2.13.so
7f124f01f000-7f124f020000 r--p 00002000 08:01 1181086 /lib/x86_64-linux-gnu/libdl-2.13.so
7f124f020000-7f124f021000 rw-p 00003000 08:01 1181086 /lib/x86_64-linux-gnu/libdl-2.13.so
7f124f021000-7f124f038000 r-xp 00000000 08:01 1181090 /lib/x86_64-linux-gnu/libpthread-2.13.so
7f124f038000-7f124f237000 ---p 00017000 08:01 1181090 /lib/x86_64-linux-gnu/libpthread-2.13.so
7f124f237000-7f124f238000 r--p 00016000 08:01 1181090 /lib/x86_64-linux-gnu/libpthread-2.13.so
7f124f238000-7f124f239000 rw-p 00017000 08:01 1181090 /lib/x86_64-linux-gnu/libpthread-2.13.so
7f124f239000-7f124f23d000 rw-p 00000000 00:00 0
7f124f23d000-7f124f25d000 r-xp 00000000 08:01 1181094 /lib/x86_64-linux-gnu/ld-2.13.so
7f124f440000-7f124f443000 rw-p 00000000 00:00 0
7f124f45a000-7f124f45c000 rw-p 00000000 00:00 0
7f124f45c000-7f124f45d000 r--p 0001f000 08:01 1181094 /lib/x86_64-linux-gnu/ld-2.13.so
7f124f45d000-7f124f45e000 rw-p 00020000 08:01 1181094 /lib/x86_64-linux-gnu/ld-2.13.so
7f124f45e000-7f124f45f000 rw-p 00000000 00:00 0
7fff60e2e000-7fff60e4f000 rw-p 00000000 00:00 0 [stack]
7fff60fff000-7fff61000000 r-xp 00000000 00:00 0 [vdso]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall]
Aborted
And, of course, the virus definition update are not distributed to clients.
on the other side, the policies are well distributed.
Is this may be due to the Debian version I used (7.4 64b)?
I didn't try with older Debian distro yet.
Thanks
Claude