By that, do you mean that no one on the LAN can access the HMC unless they
do it via a box that's also on the protected LAN segment (example: RDP to a
box on the protected segment, run browser session to HMC there)? Or is the
HMC reachable by browser from the general network? Because Heartbleed does
not require anything other than browser access to exploit. Firewalls and
whatnot don't matter if there's an opening to the web service.
On Tue, Apr 22, 2014 at 12:13 PM, Jerry Draper <midrangel@xxxxxxxxxxxxx>wrote:
I get that the HMC has issues with heartbleed.
On the other hand does anyone have an HMC in a vulnerable position?
The ones I work on are inside protected networks on private segments.
On 4/22/2014 9:34 AM, Steinmetz, Paul wrote:
From what I read and have been told by IBMOnly HMCs with code levels 777 or 778 are vulnerable.
The older HMCs with older code are safe. (776 or older)
777 and 778 used the newer version of openssl, which contained the
midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of rob@xxxxxxxxx
From: midrange-l-bounces@xxxxxxxxxxxx [mailto:
Sent: Tuesday, April 22, 2014 11:08 AMthe grave?
To: Midrange Systems Technical Discussion
Subject: Re: OpenSSL Vulnerability Notice
Does this mean that my original HMC's will carry this vulnerability to
HMC V7R760 was the last release supported on models 7310-C04 and
Future HMC releases are not supported on C04 or CR2.Mail to: 2505 Dekko Drive
HMC Code Level
Version: 7 Build Level: 20130812.1 Serial Number: 103BC5A
Release: 7.6.0 Base Version: V7R7.6.0 Model Type: eserver xSeries 335
Service Pack: 3 BIOS: T2E139AUS
IBM Certified System Administrator - IBM i 6.1 Group Dekko Dept 1600
Garrett, IN 46738list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe,
Ship to: Dock 108
Kendallville, IN 46755
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-lmoment to review the archives at http://archive.midrange.com/midrange-l.
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a
Jerome Draper, Trilobyte Software Systems, since 1976
iSeries, Network, and Connectivity Specialists -- iSeries, LAN/WAN/VPN
Representing WinTronix, Synapse, Netopia, HiT, and others .....
(415) 457-3431; www.trilosoft.com
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives