Does anyone know if IBM is releasing a patch for the DSK? Someone posted IBM acknowledged the HMC is exposed.
Sent from my iPhone > On Oct 1, 2014, at 10:59 AM, Dana Mitchell <[email protected]> wrote: > >> On Wed, 1 Oct 2014 16:27:04 +0200, R.S. <[email protected]> >> wrote: >> >> My humble opinion is the isolated devices are not in danger even if the >> microcode has some vulnerabilities. >> HMC is good example of such device. You don't install anything on that, >> you don't connect it to the Internet just like PC, the connection to IBM >> support system is quite different thing. >> While it's good to fix any vulnerability if possible, I wouldn't worry >> about bash in HMC. > > The DS8K HMCs are PCs running Linux connected to our corporate network, so > much mayhem could be possible if exploited. PCI and others dictate that we > address such vulnerabilities. > > Dana > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
