× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. October 2014

Re: Fw: FLASH: Security Bulletin: Vulnerability in SSLv3 affects TS3310 (CVE-2014-3566) (2014.10.22)

Poodle, Heartbleed, shellshock, if any C level suit needed a reason to
listen when they ask for a separate management LAN, this is a pretty good
list of arguments...
Thanks Rob for the update. I note that the update doesnt mention a fix yet,
only that the TS3310 has sslv3 enabled and is thus vulnerable to MiTM
attacks.

On Wed, Oct 22, 2014 at 3:19 PM, <rob@xxxxxxxxx> wrote:

----- Forwarded by Rob Berendt/DEKKO on 10/22/2014 02:18 PM -----

From: IBM My Notifications <mynotify@xxxxxxxxxxxxxxxxxxxx>
To: rob@xxxxxxxxx
Date: 10/22/2014 01:49 PM
Subject: FLASH: Security Bulletin: Vulnerability in SSLv3 affects
TS3310 (CVE-2014-3566) (2014.10.22)




My notifications for Storage - 22 Oct 2014

Dear Subscriber (robberendt),

Here are your bulletin email notifications for your subscriptions at IBM
My notifications.

Visit the recently updated IBM Electronic Support site to get connected
with our powerful online tools, tips, and resources.
- http://ibm.co/MyNeSupport

Your support notifications display in English by default. Machine
translation based on your IBM profile
language setting is added if you specify this option in My defaults within
My notifications.
(Note: Not all languages are available at this time, and the English
version always takes precedence
over the machine translated version.)


------------------------------------------------------------------------------
1. TS3310 Tape Library (3576)

- TITLE: Security Bulletin: Vulnerability in SSLv3 affects TS3310
(CVE-2014-3566)
- URL:

http://www.ibm.com/support/docview.wss?uid=ssg1S1004960&myns=s034&mynp=OCSTCXRHW&mync=E

- ABSTRACT: SSLv3 contains a vulnerability that has been referred to as
the Padding Oracle On Downgraded Legacy Encryption (POODLE) attack. SSLv3
is enabled in TS3310.


------------------------------------------------------------------------------
Manage your My notifications subscriptions, or send questions and
comments.
- Subscribe or Unsubscribe - https://www.ibm.com/support/mynotifications
- Feedback - https://www-912.ibm.com/x_dir/xfeedback.nsf/feedback?OpenForm

To ensure proper delivery please add mynotify@xxxxxxxxxxxxxxxxxxxx to your
address book.
You received this email because you are subscribed to IBM My notifications
as:
robberendt

Please do not reply to this message as it is generated by an automated
service machine.

(C) International Business Machines Corporation 2014. All rights reserved.
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.



As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.