Discussion:
POODLE: SSLv3 vulnerability (CVE-2014-3566)
(too old to reply)
Steinmetz, Paul
2014-10-22 17:55:17 UTC
Permalink
Raw Message
I just received this notification, not sure if iSeries is vulnerable?

https://access.redhat.com/security/cve/CVE-2014-3566

How do we confirm?

If positive, is there and what is the fix?


Thank You
_____
Paul Steinmetz
IBM i Systems Administrator

Pencor Services, Inc.
462 Delaware Ave
Palmerton Pa 18071

610-826-9117 work
610-826-9188 fax
610-349-0913 cell
610-377-6012 home

psteinmetz-3xFsXxMo6CTQT0dZR+***@public.gmane.org
http://www.pencor.com/
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.
Scott Klement
2014-10-22 18:02:18 UTC
Permalink
Raw Message
IBM i doesn't typically use the openssl library for SSL. It uses IBM's
own SSL library, which is completely separate.

It's possible that you might be running some Unix software in PASE
that's using OpenSSL for SSL and therefore might be susceptible to this
flaw.

But I can't think of any IBM i shop that I've seen that's doing that.
All are using stuff like the HTTP, Telnet, FTP, etc that are included
with the OS, and they don't use OpenSSL so can't be affected by it's bugs.
Post by Steinmetz, Paul
I just received this notification, not sure if iSeries is vulnerable?
https://access.redhat.com/security/cve/CVE-2014-3566
How do we confirm?
If positive, is there and what is the fix?
Thank You
_____
Paul Steinmetz
IBM i Systems Administrator
Pencor Services, Inc.
462 Delaware Ave
Palmerton Pa 18071
610-826-9117 work
610-826-9188 fax
610-349-0913 cell
610-377-6012 home
http://www.pencor.com/
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.
r***@public.gmane.org
2014-10-22 18:07:06 UTC
Permalink
Raw Message
You betcha. Not that I give a rip but it affects PCI compliance.

http://www-01.ibm.com/support/docview.wss?uid=nas8N1020292

http://lmgtfy.com/?q=CVE-2014-3566+%22IBM+i%22+site%3Aibm.com


Rob Berendt
--
IBM Certified System Administrator - IBM i 6.1
Group Dekko
Dept 1600
Mail to: 2505 Dekko Drive
Garrett, IN 46738
Ship to: Dock 108
6928N 400E
Kendallville, IN 46755
http://www.dekko.com





From: "Steinmetz, Paul" <PSteinmetz-3xFsXxMo6CTQT0dZR+***@public.gmane.org>
To: "'Midrange Systems Technical Discussion'"
<midrange-l-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org>
Date: 10/22/2014 01:55 PM
Subject: POODLE: SSLv3 vulnerability (CVE-2014-3566)
Sent by: "MIDRANGE-L" <midrange-l-bounces-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org>



I just received this notification, not sure if iSeries is vulnerable?

https://access.redhat.com/security/cve/CVE-2014-3566

How do we confirm?

If positive, is there and what is the fix?


Thank You
_____
Paul Steinmetz
IBM i Systems Administrator

Pencor Services, Inc.
462 Delaware Ave
Palmerton Pa 18071

610-826-9117 work
610-826-9188 fax
610-349-0913 cell
610-377-6012 home

psteinmetz-3xFsXxMo6CTQT0dZR+***@public.gmane.org
http://www.pencor.com/
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list
To post a message email: MIDRANGE-L-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.
Loading...