Hi all,
IBM published the mentioned security bulletin[1], but looking at it I
have lots of questions. Maybe Del, Colin or someone else from the dev
team may have answers?
1) Does it affect ISP8.1.14-000 only or also older versions?
2) "An attacker can bypass security": so is it necessary to have a
limited admin account that extends it's privileges? Is a "node admin"
sufficient for this?
3) So if there are no admins accounts (besides for the ISP admin team):
Is a ISP server still threatened in this case?
4) Does it help if the TCPADMINPort is closed (except for the ISP admin
team)?
@IBM: Can you please provide any further information, so I (we?) can
decide how much our systems are threatened -- Thanks a lot!
best
Bjørn
[1] https://www.ibm.com/support/pages/node/6564745
--
--------------------------------------------------------------------------------------------------
Bjørn Nachtwey
Arbeitsgruppe "IT-Infrastruktur“
E-Mail:bjoern.nacht...@gwdg.de
--------------------------------------------------------------------------------------------------
Gesellschaft für wissenschaftliche Datenverarbeitung mbH Göttingen (GWDG)
Burckhardtweg 4, 37077 Göttingen, URL:https://gwdg.de
Support: Tel.: +49 551 39-30000, URL:https://gwdg.de/support
Sekretariat: Tel.: +49 551 39-30001, E-Mail:g...@gwdg.de
Geschäftsführer: Prof. Dr. Ramin Yahyapour
Aufsichtsratsvorsitzender: Prof. Dr. Norbert Lossau
Sitz der Gesellschaft: Göttingen
Registergericht: Göttingen, Handelsregister-Nr. B 598
Zertifiziert nach ISO 9001
--------------------------------------------------------------------------------------------------
