[Linux-PowerEdge] Openmanage SSLv3 poodle vulnerability

Sid Young sid.young at gmail.com
Thu Oct 16 07:50:34 CDT 2014


What is the likely hood of a man in the middle attack while you are talking
to the DRAC? If you feel there is a risk and the DRAC doesn't support TLS
then only access the DRAC from a secured JUMP box in your DC, then you wont
have and risk of a man in the middle attack.

Sid


On Thu, Oct 16, 2014 at 9:36 PM, john <lists at cloned.org.uk> wrote:

> Hi,
> How do you stop openmanage from using insecure SSL versions such as SSLv3
> following CVE-2014-3566?
>
> Also, does anyone know how you do this on an iDRAC5 and iDRAC6? :-)
>
> Thanks,
>
> John
>
> _______________________________________________
> Linux-PowerEdge mailing list
> Linux-PowerEdge at dell.com
> https://lists.us.dell.com/mailman/listinfo/linux-poweredge
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.us.dell.com/pipermail/linux-poweredge/attachments/20141016/b3bce725/attachment.html 


More information about the Linux-PowerEdge mailing list