IBM Support

IC93824: POTENTIAL FOR DENIAL OF SERVICE ATTACK ON SERVER WITH SSL ENABLED.

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • Problem Description:
    
    Potential for a Denial of Service attack on an IBM Tivoli
    Storage Manager Server V5.5,
     V6.1, V6.2 or V6.3 when the server is configured for SSL
    (Secure Sockets Layer) communications. The Denial of Service
    requires either the
    SSLTCPPORT or SSLTCPADMINPORT option to be placed in the
    Tivoli Storage Manager server options file to be susceptible
    to this problem.
    
    Customer/L2 Diagnostics: Hanging SSL Session
    
    Tivoli Storage Manager Versions Affected:
    Tivoli Storage Manager Server versions 5.5, 6.1, 6.2 and 6.3
    on all platforms
    
    Initial Impact: Med
    
    Additional Keywords: zz55 zz61 zz62 zz63 SSL DOS GSKIT
    

Local fix

  • Do not use the SSLTCPPORT or SSLTCPADMINPORT server options.
    

Problem summary

  • ****************************************************************
    * USERS AFFECTED: All Tivoli Storage Manager server users.     *
    ****************************************************************
    * PROBLEM DESCRIPTION: See error description.                  *
    ****************************************************************
    * RECOMMENDATION: Apply fixing level when available. This      *
    *                 problem is currently projected to be fixed   *
    *                 in levels 6.1.5.300, 6.2.6 and 6.3.4.        *
    *                 Note that this is subject to change at       *
    *                 the discretion of IBM.                       *
    ****************************************************************
    *
    

Problem conclusion

  • Problem Conclusion:
    This problem was fixed.
    
    Affected platforms:  AIX, HP-UX, Solaris, Linux, and Windows.
    

Temporary fix

Comments

APAR Information

  • APAR number

    IC93824

  • Reported component name

    TSM SERVER

  • Reported component ID

    5698ISMSV

  • Reported release

    62W

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt

  • Submitted date

    2013-07-01

  • Closed date

    2013-08-15

  • Last modified date

    2013-08-15

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    TSM SERVER

  • Fixed component ID

    5698ISMSV

Applicable component levels

  • R61A PSY

       UP

  • R61H PSY

       UP

  • R61L PSY

       UP

  • R61S PSY

       UP

  • R61W PSY

       UP

  • R62A PSY

       UP

  • R62H PSY

       UP

  • R62L PSY

       UP

  • R62S PSY

       UP

  • R62W PSY

       UP

  • R63A PSY

       UP

  • R63H PSY

       UP

  • R63L PSY

       UP

  • R63S PSY

       UP

  • R63W PSY

       UP

[{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSGSG7","label":"Tivoli Storage Manager"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"62W","Edition":"","Line of Business":{"code":"LOB26","label":"Storage"}}]

Document Information

Modified date:
15 August 2013