IBM Support

IC93824: POTENTIAL FOR DENIAL OF SERVICE ATTACK ON SERVER WITH SSL ENABLED.

A fix is available

IBM Tivoli Storage Manager (TSM) server V6.1.5.x interim fix downloads

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • Problem Description:

Potential for a Denial of Service attack on an IBM Tivoli
Storage Manager Server V5.5,
 V6.1, V6.2 or V6.3 when the server is configured for SSL
(Secure Sockets Layer) communications. The Denial of Service
requires either the
SSLTCPPORT or SSLTCPADMINPORT option to be placed in the
Tivoli Storage Manager server options file to be susceptible
to this problem.

Customer/L2 Diagnostics: Hanging SSL Session

Tivoli Storage Manager Versions Affected:
Tivoli Storage Manager Server versions 5.5, 6.1, 6.2 and 6.3
on all platforms

Initial Impact: Med

Additional Keywords: zz55 zz61 zz62 zz63 SSL DOS GSKIT

Local fix

  • Do not use the SSLTCPPORT or SSLTCPADMINPORT server options.

Problem summary

  • ****************************************************************
* USERS AFFECTED: All Tivoli Storage Manager server users.     *
****************************************************************
* PROBLEM DESCRIPTION: See error description.                  *
****************************************************************
* RECOMMENDATION: Apply fixing level when available. This      *
*                 problem is currently projected to be fixed   *
*                 in levels 6.1.5.300, 6.2.6 and 6.3.4.        *
*                 Note that this is subject to change at       *
*                 the discretion of IBM.                       *
****************************************************************
*

Problem conclusion

  • Problem Conclusion:
This problem was fixed.

Affected platforms:  AIX, HP-UX, Solaris, Linux, and Windows.

Temporary fix

  • 



Comments


    

  • 



APAR Information




    

  • APAR number
    IC93824
    • 

  • Reported component name
    TSM SERVER
    • 

  • Reported component ID
    5698ISMSV
    • 

  • Reported release
    62W
    • 

  • Status
    CLOSED  PER
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt
    • 

  • Submitted date
    2013-07-01
    • 

  • Closed date
    2013-08-15
    • 

  • Last modified date
    2013-08-15
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    • 



Fix information


    

  • Fixed component name
    TSM SERVER
    • 

  • Fixed component ID
    5698ISMSV
    • 



Applicable component levels


    

  • R61A  PSY
       UP
    • 

  • R61H  PSY
       UP
    • 

  • R61L  PSY
       UP
    • 

  • R61S  PSY
       UP
    • 

  • R61W  PSY
       UP
    • 

  • R62A  PSY
       UP
    • 

  • R62H  PSY
       UP
    • 

  • R62L  PSY
       UP
    • 

  • R62S  PSY
       UP
    • 

  • R62W  PSY
       UP
    • 

  • R63A  PSY
       UP
    • 

  • R63H  PSY
       UP
    • 

  • R63L  PSY
       UP
    • 

  • R63S  PSY
       UP
    • 

  • R63W  PSY
       UP
    • 








      
              
                            

              

              [{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSGSG7","label":"Tivoli Storage Manager"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"62W","Edition":"","Line of Business":{"code":"LOB26","label":"Storage"}}]
              

                          

          
 
        

      

    

      

        

          

            
Document Information


            

            


                        

            Modified date:
            

            15 August 2013
            

            
                      

        


        

        


      

    

  



    

  

  
    
            

          
Page Feedback