I recently had a customer run some security scans on SLES 11 SP1 servers
running eDir 8.8.6 (latest patches). They identified a vulnerability,
CVE-2011-3389, in the DHost HTTP Server. I believe this is commonly
referred to as the "Beast" attack. It can be mitigated in Apache and
Tomcat by altering the preferred ciphers used for SSL/TLS. However,
DHost HTTP Server is, as far as I know, its own stand-alone HTTP stack.
So I opened an SR about it, and the support engineer told me to install


Which is an IBM Java 1.4.2 patch. That patch does specifically address
CVE-2011-3389. But here is what I don't understand. What the heck does
this have to do with DHost HTTP Server? The servers in question don't
even have IBM Java installed on them (some have no Java installed at
all). I know that eDir lays down a JVM for its own purposes, but would
this IBM Java patch affect that?

I asked for clarification/confirmation, but I'm having trouble getting
that. Can anyone shed any light here? Has anyone dealt with this
vulnerability in the DHost HTTP Server?



matt's Profile: http://forums.novell.com/member.php?userid=1582
View this thread: http://forums.novell.com/showthread.php?t=454040