PQ76479: UNABLE TO RECEIVE CERTIFICATES USING GSK5CMD COMMAND IN 5.0.5.70

 A fix is available

PQ86671; 1.3.28: Potential Denial-of-Service attack vulnerability



APAR status
Closed as program error.

Error description
When running IHS 2.0.42.1 with gskit 5.0.5.70 on
Solaris and using the gsk5cmd command to receive certificates
the function fails with the following error.
-
-format Invalid input in field
{0}.
-
example syntax used:
"/opt/ibm/gsk5/bin/gsk5cmd -cert -receive -file
/tmp/server.cert -db key.kdb -pw PWD -default_cert yes "
-
This same command works fine on 5.0.5.48, but fails on
5.0.5.70.
Local fix
GSKIT 5.0.5.82 corrects this problem.
Problem summary
Using the command line feature of ikeyman to
receive a certificate fails ( gsk5cmd -cert -receive ). The
failure occurs in the Gskit libraries due to a invalid check.
Problem conclusion
The problem is fixed by changing the invalid
check in the Gskit library.
The following COMPID's are affected by these changes:
5648B7800 IHS for AIX
5648B7801 IHS for Sun
5648B7802 IHS for WinNT and Win2K
5648B7803 IHS for HP
5648B7804 IHS for Linux
5630A3603IHS 2.0 All Platforms
The fix will be available in the next service refreshes for IHS,
currently planned as IHS 1.3.19.6, IHS 1.3.26.2, and
IHS 2.0.42.3.
The code changes are stored in CMVC under defect PQ76479.
Temporary fix Comments
APAR information
APAR number PQ76479
Reported component name WAS BASE 5.0
Reported component ID 5630A3600
Reported release 00S
Status CLOSED PER
PE NoPE
HIPER NoHIPER
Special Attention NoSpecatt
Submitted date 2003-07-17
Closed date 2003-09-09
Last modified date 2003-09-09

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:

Modules/Macros
GSKIT IKEYCMD        

Publications Referenced

Fix information
Fixed component name WAS HTTP SERVER
Fixed component ID 5630A3603

Applicable component levels
R00A PSN    UP
R00H PSN    UP
R003 PSN    UP
R00I PSN    UP
R00S PSN    UP
R00W PSN    UP


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > IBM HTTP Server > Runtime
Operating system(s):
Software version: 00S
Software edition:
Reference #: PQ76479
IBM Group: Software Group
Modified date: Sep 9, 2003