Java update broke the Dell DRAC 5 remote management cards!
So the openjdk in most linux distros has now been upgraded to v1.8. This has a good bug fix regarding the whole SSLv3 Poodle vulnerability.
This has one problem. The Dell DRAC remote management cards installed in a lot of Dell servers relies on SSLv3 to operate. Without this, you can get into the web interface - but when you get an error stating Error when reading from SSL socket connection and no further.
Thankfully, it is simple to re-enable SSLv3 to allow the connection to succeed.
Open up /usr/lib/jvm/*/jre/lib/security/java.security in your favourite editor as root, and change the following line:
1
jdk.tls.disabledAlgorithms=SSLv3
to
1
jdk.tls.disabledAlgorithms=
This enables SSLv3 to all java applications - however it exposes yourself to the MITM attack as defined in CVE-2014-3566. I suggest having a read of the CVE to understand if you want to leave this setting as default on your system or disable it again afterwards.
Comments powered by Disqus.