IT18177: A VULNERABILITY IN THE SSH COMPONENT OF IBM DATAPOWER GATEWAYS (CVE-2016-8858)
A fix is available
Closed as program error.
Possible denial of service. Specially crafted data sent during key exchange could be exploited to consume all available memory resources. (CVE-2016-8858)
Turn off SSH
DataPower's SSH component may be vulnerable to a denial of service as reported in CVE-2016-8858. By sending specially crafted data during the key exchange process, a remote attacker could exploit this vulnerability to consume all available memory resources.
Fix is available in 220.127.116.11 For a list of the latest fix packs available, please see: http://www-01.ibm.com/support/docview.wss?uid=swg21237631
Reported component name
Reported component ID
NoSpecatt / Xsystem
Last modified date
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fixed component name
Fixed component ID
Applicable component levels