[Linux-PowerEdge] Openmanage SSLv3 poodle vulnerability

Biel, Charles cbiel at uta.edu
Tue Oct 21 17:32:00 CDT 2014


Hi John,

   My approach has been kind of heavy handed but it works
well enough to improve our security scan reports:

racadm config -g cfgRacTuning -o cfgRacTuneWebServerEnable 0

Reenable Web Server only as needed via ssh:

racadm config -g cfgRacTuning -o cfgRacTuneWebServerEnable 1


   Of course I¹d like a more elegant fix and have a couple
Service Request calls pending on the issue.

Hope this helps,
Charles


On 10/16/14, 6:36 AM, "john" <lists at cloned.org.uk> wrote:

>Hi,
>How do you stop openmanage from using insecure SSL versions such as SSLv3
>following CVE-2014-3566?
>
>Also, does anyone know how you do this on an iDRAC5 and iDRAC6? :-)
>
>Thanks,
>
>John
>
>_______________________________________________
>Linux-PowerEdge mailing list
>Linux-PowerEdge at dell.com
>https://lists.us.dell.com/mailman/listinfo/linux-poweredge



More information about the Linux-PowerEdge mailing list