Manualshelf

Technical data

ManualsBrandsBrocade Communications Systems ManualsComputer equipmentBrocade Superx Series
11121314151617181920
IronWare Software Release 07.2.02j for Brocade FastIron switches
Release Notes v 1.0 Page 20 of 79
Once the device has reloaded, the DHCP-client service will start up and a new dynamic IP address is
assigned to the interface. The DHCP-client service feature is now enabled on the interface.
Note regarding Telnet and Internet Explorer 7
The Telnet function in Web management does not work with Internet Explorer version 7.0.5730. The
system goes to "telnet://10.43.43.145" page when the user clicks web/general system configuration/
(telnet) in Internet Explorer version 7.0.5730. This is a known issue for Internet Explorer. To work
around this issue, you must download and install a patch for IE 7. To do so, go to
http://www.lib.ttu.edu.tw/file/IE7_telnet.reg.
Note regarding US-Cert advisory 120541
In order to address the SSL and TLS vulnerability issue discussed in US-Cert advisory 120541, the Web
server re-negotiation feature has been disabled in this release so that SSL re-negotiation requests will
not be honored by the Brocade IP device Web server.
Based on Cert advisory 120541, the Secure Sockets Layer (SSL) and Transport Layer Security (TLS)
protocols are vulnerable to Man-In-The-Middle (MITM) attacks. Vulnerability is in the way SSL and TLS
protocols allow re-negotiation requests, which may allow a MITM to inject arbitrary requests into an
application HTTP protocol stream. This could result in a situation where the MITM may be able to harm
the Brocade IP device through the Web Management interface.
For more information regarding Cert advisory 120541, refer to the following links:
http://extendedsubset.com/?p=8
http://www.links.org/?p=780
http://www.links.org/?p=786
http://www.links.org/?p=789
http://blogs.iss.net/archive/sslmitmiscsrf.html
http://www.ietf.org/mail-archive/web/tls/current/msg03948.html
https://bugzilla.redhat.com/show_bug.cgi?id=533125
http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00014.html
http://cvs.openssl.org/chngview?cn=18790
http://www.links.org/files/no-renegotiation-2.patch
http://blog.zoller.lu/2009/11/new-sslv3-tls-vulnerability-mitm.html
https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt
http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html