Monday, October 27, 2014

Recent security vulnerabilities

OK, I admit, you haven't heard much of me lately but I've been too busy with other stuff that was not all that mainframe related. Still, I couldn't help noticing that there were quite some security issues lately. So, I thought I'd put up a couple of links that might be helpful. And I hope I'll find the time to blog a little more again from now on.

  • Security Bulletin: Vulnerability in SSLv3 affects IBM Virtualization Engine TS7700 (CVE-2014-3566)
    SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption (POODLE) attack. SSLv3 is enabled in IBM Virtualization Engine TS7700.
  • Security Bulletin: Vulnerability in SSLv3 affects TS3500 (CVE-2014-3566)
    SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption (POODLE) attack. SSLv3 is enabled in TS3500.
  • Security Bulletin: POODLE vulnerability in SSLv3 affects IBM Explorer for z/OS and IBM CICS Explorer (CVE-2014-3566)
    SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption (POODLE) attack. This vulnerability affects all versions of IBM Explorer for z/OS and IBM CICS Explorer.
  • Security Bulletin: A Security vulnerability has been discovered in Apache Struts which impacts the DS8000 GUI (CVE-2014-0114)
    A security vulnerability has been discovered in Apache Struts which impacts the DS8000 GUI