Informix - Problembeschreibung
Problem IT27589 | Status: Geschlossen |
CUSTOMER IS ABLE TO CONNECT TO INFORMIX SSL LISTENER WITH OPENSSL COMMAND USING -CIPHER "DES:3DES" | |
Produkt: | |
INFORMIX SERVER / 5725A3900 / B70 - IDS 11.70 | |
Problembeschreibung: | |
To address the Sweet32: Birthday attacks, A fix was added to Informix to block clients from connecting to Informix using the DES/3DES cipher. However using a security tool it was found that you can still make a connection to Informix using openssl: openssl s_client -connect IP:port# -cipher "DES:3DES" -tls1_2 CONNECTED(00000003) depth=0 O = sample, CN = LDAP_Server verify error:num=18:self signed certificate verify return:1 depth=0 O = sample, CN = LDAP_Server verify return:1 --- .. .. .. | |
Problem-Zusammenfassung: | |
**************************************************************** * USERS AFFECTED: * * Users of IDS 11.70.xC10 and 12.10.xC9 and earlier versions. * **************************************************************** * PROBLEM DESCRIPTION: * * Customer is able to connect to Informix SSL listener with * * openssl command using -cipher "DES:3DES". * **************************************************************** * RECOMMENDATION: * **************************************************************** | |
Local-Fix: | |
Lösung | |
Workaround | |
keiner bekannt / siehe Local-Fix | |
Weitere Daten | |
Datum - Problem gemeldet : Datum - Problem geschlossen : Datum - der letzten Änderung: | 27.12.2018 08.10.2019 08.10.2019 |
Problem behoben ab folgender Versionen (IBM BugInfos) | |
Problem behoben lt. FixList in der Version |