× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. July 2003

Re: OS/400 Vulnerability to CERT Advisories

I would like to publicly thank Patrick Botz and IBM for providing this
information. Thru midrange-l, Common, and directly with IBM, many
have been asking for this from IBM. It will make security administration
and notification to management much more complete.

jim franz

----- Original Message -----
From: "Patrick Botz" <botz@xxxxxxxxxx>
To: "Midrange Systems Technical Discussion" <midrange-l@xxxxxxxxxxxx>
Sent: Thursday, July 24, 2003 5:59 PM
Subject: OS/400 Vulnerability to CERT Advisories


>
> Hi Everyone,
>
> I wanted to give you a heads up to some new information that is available
> for you regarding OS/400 and CERT Advisories.
>
> Go to:
> http://www.ibm.com/servers/resourcelink     and sign-in
> (you can request an ID/pwd for free, but it does require a sign-on)
>
> Then select "Problem Solving" from the left-hand navigation panel
> Then select "Security alerts" (under the Alerts heading)
>
> You will see a list of CERT advisories and you can find the OS/400
position
> with respect to those advisories.
>
> In most cases, you will not see OS/400 responses for things that are
> clearly not OS/400 related (i.e. CERT advisories for specific products or
> platforms).
>
> Here's an example of the screen you'll see:
>
>
>
>
>
>
>  CERT VU#623217
>
>                 Cryptographic weakness in Kerberos Version 4 protocol
>
>  · AIX · os400 · xSeries · zOS
>
>
>
>
>
>  CERT VU#673993
>
>                 PopTop PPTP Server contains buffer overflow in
"ctrlpacket.c"
>
>   · os/400 · xSeries · zOS
>
>
>
> Clicking on OS/400 (or os400 or os/400 :-) ) will give you the information
> about if and how OS/400 is affected. If it is affected it will give you
> information about work arounds or PTFs.
>
> I'll give you a hint:  most of the OS/400 responses say "given currently
> available information, OS/400 is not affected by this vulnerability."
>
> Patrick Botz
> Senior Technical Staff Member
> eServer Security Architect
> (507) 253-0917, T/L 553-0917
> email: botz@xxxxxxxxxx
>
>
>
> _______________________________________________
> This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list
> To post a message email: MIDRANGE-L@xxxxxxxxxxxx
> To subscribe, unsubscribe, or change list options,
> visit: http://lists.midrange.com/mailman/listinfo/midrange-l
> or email: MIDRANGE-L-request@xxxxxxxxxxxx
> Before posting, please take a moment to review the archives
> at http://archive.midrange.com/midrange-l.
>
>

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.