12-16-2015
Yes, it is a known issue, they updated it yesterday/some days ago. The same way as with other security patches - you download APAR (the link is on the site), untar it, install using emgr.
But this issue has nothing common with your original question. It describes a known vulnerability in RC4 cipher and describes how to fix it in AIX 7.1 TL3 SP5 and some other versions, which are listed there. Let's say you don't use ftpd, sendmail, popd and imapd on your server, but you use IBM Directory Server. Then the provided fix doesn't make any sense for your server, because it doesn't fix IBM Directory Server, which has the same problem with RC4 cipher, but fixes only the services, you don't use.
This User Gave Thanks to agent.kgb For This Post:
8 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Which network protocol is used by UNIX systems to make remote file systems appear as if they are local? (2 Replies)
Discussion started by: OLLERTON
2 Replies
2. UNIX for Dummies Questions & Answers
What protocol would be the best to use on a network with nt and unix servers and windows me clients?
Can SMB protocol be used to implement large networks?
What protocol can be used to make remote file systems appear as if they are local?
Quite a few questions I know, any help would be... (1 Reply)
Discussion started by: jnash
1 Replies
3. UNIX for Advanced & Expert Users
The more command allows a user to invoke shell. If it is run using the sudo command this will give a user a possibility to run whatever he wants with root's privilegies.
Does anybody know about a command with the same abilities that more but without escape to shell? (2 Replies)
Discussion started by: odashe
2 Replies
4. IP Networking
what method would I use to determine which IP protocols network (0 Replies)
Discussion started by: mar mar
0 Replies
5. Cybersecurity
Hi everyone, I would like to allow multi users to access P2P networks, so I wonder if there's a way to tracking these kind of protocols with netfilter, and also compatibility with nat, like the module conntrack_ftp seems to do with the FTP protocol.
Thanks guys. (0 Replies)
Discussion started by: nekkro-kvlt
0 Replies
6. Shell Programming and Scripting
Hi All,
I have bash script, so what is sintax script in bash for Enable and Disable Tab Key. Thanks for your help.:(
Thanks,
Rico (1 Reply)
Discussion started by: carnegiex
1 Replies
7. IP Networking
hello forum members,
What are L2 and L3 Protocols and can u brief me a bit little ie to gain a
basic knowledge.
Thanks & Regards
Rajkumar g (1 Reply)
Discussion started by: rajkumar_g
1 Replies
8. Red Hat
Hi all Expertise,
I have following issue to solve,
SSL / TLS Renegotiation DoS (low) 222.225.12.13
Ease of Exploitation Moderate
Port 443/tcp
Family Miscellaneous
Following is the problem description:------------------
Description The remote service encrypts traffic using TLS / SSL and... (2 Replies)
Discussion started by: manalisharmabe
2 Replies
LEARN ABOUT CENTOS
reporter-ureport
REPORTER-UREPORT(1) LIBREPORT MANUAL REPORTER-UREPORT(1)
NAME
reporter-ureport - Reports ABRT problems in format of micro report
SYNOPSIS
reporter-ureport [-v] [-c CONFFILE] [-u URL] [-k] [-A -a bthash -B -b bug-id -E -e email] [-r] [-d DIR]
DESCRIPTION
The tool reads problem directory DIR, assembles an micro report from the loaded problem data and sends the micro report to uReport server
for updating statistics and fast analysis. The results of the analysis are stored in problem data in form of problems elements.
reporter-ureport updates reported_to
Configuration file
If not specified, CONFFILE defaults to /etc/libreport/plugins/ureport.conf. Configuration file lines should have PARAM = VALUE format. The
parameters are:
URL
Base sever HTTP(S) address.
SSLVerify
Use no/false/off/0 to disable verification of server's SSL certificate. (default: yes)
SSLClientAuth
If this option is set, client-side SSL certificate is used to authenticate to the server so that it knows which machine it came from.
Possible values are:
rhsm
Uses the system certificate that is used for Red Hat subscription management.
puppet
Uses the certificate that is used by the Puppet configuration management tool.
<cert_path>:<key_path>
Manually supply paths to certificate and the corresponding key in PEM format.
ContactEmail
Email address attached to a bthash on the server.
Parameters can be overridden via $uReport_PARAM environment variables.
OPTIONS
-c FILE
Path to configuration file
-a, --attach BTHASH
bthash of uReport to attach (conflicts with -A)
-A, --attach-rt
Attach to a bthash from reported_to (conflicts with -a)
-b, --bug-id NUM
Attach RHBZ bug (requires -a)
-B, --bug-id-rt
Attach last RHBZ bug from reported_to (requires -a|-A, conflicts with -b)
-e, --email EMAIL
Contact e-mail address (requires -a|-A, conflicts with -E)
-E, --email-env
Contact e-mail address from environment (requires -a|-A, conflicts with -e)
-d, --problem-dir DIR
Path to problem directory.
-k, --insecure
Allow insecure connection to ureport server
-t, --auth SOURCE
Enables client authentication. See SSLClientAuth configuration file option for list of possible values.
-v
Be more verbose. Can be given multiple times.
-u, --url URL
Specify server URL
ENVIRONMENT VARIABLES
Environment variables take precedence over values provided in the configuration file.
uReport_URL
Base sever HTTP(S) address.
uReport_SSLVerify
Use yes/true/on/1 to verify server's SSL certificate. (default: yes)
uReport_ContactEmail
Email address attached to a bthash on the server.
SEE ALSO
ureport.conf(5)
AUTHORS
o ABRT team
LIBREPORT 2.1.11 06/18/2014 REPORTER-UREPORT(1)