() Ending the backup of the file . Not all data in the file has been read (read bytes out of bytes).

Details
Product: Exchange
Event ID: 222
Source: ESE
Version: 6.5.6940.0
Component: Microsoft Exchange Extensible Storage Engine
Message: <process name> (<process id>) <number>Ending the backup of the file <file name>. Not all data in the file has been read (read <number> bytes out of <number> bytes).
   
Explanation

Ending backup of the database. Not all data in the file has been read. Note the filename and number of bytes that were read successfully. Your database might not have been completely backed up.

   
User Action

For a history of database backup activity, view the Database Backup Status view under Public Views\Exchange 2000.

For additional information about what caused the backup problem, see the application event log for additional ESE errors, particularly Event ID 478.

Related:

process name (process id) file nameThe streaming page read from the file “value” at offset value for error code bytes failed verification due to a page checksum mismatch. The expected checksum was value and the actual checksum was %9. The read operation will fail with error value. If this condition persists then please restore the database from a previous backup.

Details
Product: Exchange
Event ID: 478
Source: ESE
Version: 6.5.0000.0
Message: process name (process id) file nameThe streaming page read from the file “value” at offset value for error code bytes failed verification due to a page checksum mismatch. The expected checksum was value and the actual checksum was %9. The read operation will fail with error value. If this condition persists then please restore the database from a previous backup.
   
Explanation

The streaming database specified in the message is corrupt.

An online Exchange-aware backup fails to complete and you receive the following phrases in the event Description:

Information Store (number) The streaming page read from the file

“[path]\priv1.stm” failed verification due to a page checksum mismatch. The read

operation will fail with error -613 (0xfffffd9b). If this condition persists,

restore the database from a previous backup.

  • Error -613 =  0xfffffd9b = JET_errSLVReadVerifyFailure = Checksum error

    in SLV file during backup. This issue occurs because in certain database

    operations, including but not limited to online backup, the backup routine makes

    a call to the operating system to read a 4-KB page of data from the database on

    disk and write the data to tape. Before the online backup process writes the

    data that is returned from the operating system call to the tape, the online

    backup process compares the checksum value in the page header (recorded when

    this page was written to disk) to that being returned from the READ call. If the

    checksum values do not match, the Exchange database engine detects this and

    returns the error -613. Error -613 (JET_errSLVReadVerifyFailure) is

    similar to error -1018 (JET_errReadVerifyFailure). Exchange logs error -613

    for checksum errors on the .stm database file and logs error -1018 for checksum
    errors on the .edb database file.

  • Anti-virus software — program settings such as manual scans and file

    level scans of database folders and the M: drive and settings for the

    anti-virus software in the Registry.

  • 3rd Party programs such as anti-spam programs, SMTP disclaimer software packages,

    and mail archiving programs .

  • Problems with the hard disk subsystem or controllers of the system.
   
User Action
  • To resolve this issue, first determine the root cause of the corruption. To

    do so, check the system log, run chkdsk and perform other diagnostic tasks. If

    you do not determine and fix the root cause of the -613 error, the corruption

    problem may occur again, even if you repair the databases or restore the

    databases from a backup.

  • Try removing the anti-virus software, or 3rd party software, for testing

    purposes.

  • Resolution 1 – Restore the information store from the previous online

    backup.

  • Resolution 2 – Move the mailboxes to another server or mailbox store.

    If the public folder store is affected, replicate the content of the public folders to another server.

  • Resoluton 3 – If there is no valid online backup and as a last resort ,

    perform a repair using eseutil /p and then run the isinteg -fix.

    If the resolution requires a repair, you cannot repair the .stm file alone —

    you must repair the .edb file and its associated .stm file. After this

    procedure, the database may not be stable and reliable. Microsoft

    recommends that you immediately move the data out of the repaired database to

    a new database or rebuild the database.

Related:

{process name} ({process id}) The database page read from the file “{name}” at offset {value} for {value} bytes failed verification due to a page checksum mismatch. The expected checksum was {value} and the actual checksum was {value}. The read operation will fail with error {error code}. If this condition persists then please restore the database from a previous backup.

Details
Product: Exchange
Event ID: 474
Source: ESE98
Version: 6.0
Component: Extensible Store Engine
Symbolic Name: DATABASE_PAGE_CHECKSUM_MISMATCH_ID
Message: {process name} ({process id}) The database page read from the file “{name}” at offset {value} for {value} bytes failed verification due to a page checksum mismatch. The expected checksum was {value} and the actual checksum was {value}. The read operation will fail with error {error code}. If this condition persists then please restore the database from a previous backup.
   
Explanation
A database page is corrupt.
   
User Action
Restore the database from backup media.

Related:

%1 (%2) %3Ending the backup of the file %4. Not all data in the file has been read (read %5 bytes out of %6 bytes).

Details
Product: Exchange
Event ID: 222
Source: ESE
Version: 6.5.0000.0
Message: %1 (%2) %3Ending the backup of the file %4. Not all data in the file has been read (read %5 bytes out of %6 bytes).
   
Explanation
Ending backup of the database. Not all data in the file has been read. Note the filename and number of bytes that were read successfully. Your database might not have been completely backed up.
   
User Action

For a history of database backup activity, view the Database Backup Status view under Public Views\Exchange 2000.

For additional information about what caused the backup problem, see the application event log for additional ESE errors, particularly Event ID 478.

Related:

VU#779243: EpubCheck 4.0.1 contains a XML external entity processing vulnerability

Vulnerability Note VU#779243

EpubCheck 4.0.1 contains a XML external entity processing vulnerability

Original Release date: 13 Dec 2016 | Last revised: 14 Dec 2016

Overview

EpubCheck 4.0.1 is vulnerable to external XML entity processing attacks.

Description

EpubCheck is a tool to validate that EPUB files follow the proper format. It can be used as a stand alone command line utility, or included in a project (most commonly being epub readers) as a library.

CWE-611: Improper Restriction of XML External Entity Reference (‘XXE’) – CVE-2016-9487
EpubCheck 4.0.1 does not properly restrict resolving external entities when parsing XML in EPUB files during validation. An attacker who supplies a specially crafted EPUB file may be able to exploit this behavior to read arbitrary files, or have the victim execute arbitrary requests on his behalf, abusing the victim’s trust relationship with other entities.

Impact

A remote attacker may be able to access arbitrary files on a system, or cause the system execute arbitrary requests.

Solution

Apply an update

EpubCheck has released version 4.0.2 to address the vulnerability.

Vendor Information (Learn More)

Vendor Status Date Notified Date Updated
Adobe Affected 13 Dec 2016
Apple Affected 14 Dec 2016
International Digital Publishing Forum Affected 13 Oct 2016 09 Dec 2016

If you are a vendor and your product is affected, let
us know
.

CVSS Metrics (Learn More)

Group Score Vector
Base 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P
Temporal 5.9 E:–/RL:OF/RC:C
Environmental 4.5 CDP:N/TD:M/CR:ND/IR:ND/AR:ND

References

Credit

Thanks to Craig Arendt for reporting this vulnerability.

This document was written by Trent Novelly.

Other Information

  • CVE IDs:
    CVE-2016-9487
  • Date Public:
    13 Dec 2016
  • Date First Published:
    13 Dec 2016
  • Date Last Updated:
    14 Dec 2016
  • Document Revision:
    13

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Related: