Manualshelf

Release Notes

ManualsBrandsDell ManualsActive System ManageriDRAC6 for Monolithic Servers Version 2.92
12345678910
iDRAC6 v2.92.00 4
Mozilla Firefox 15 on Windows XP 32-bit SP3, Windows Server 2003 SP2, Windows Server 2008
SP2, Windows Server 2008 x64 R2, Windows Vista SP2, Windows 7 x64.
Mozilla Firefox 16 on Windows XP 32-bit SP3, Windows Server 2003 SP2, Windows Server 2008
SP2, Windows Server 2008 x64 R2, Windows Vista SP2, Windows 7 x64.
What’s new
N/A
Fixes
Fixed the following security issue:
o CVE-2008-2234: Multiple buffer overflows in Openwsman 1.2.0 and 2.0.0 allow remote
attackers to execute arbitrary code via a crafted "Authorization: Basic" HTTP header.
o CVE-2017-8890:Denial of service
o Provided fix for removal of RC4 ciphers from SSH interface.
o Fixed issue of buffer overflow in RACADM.
o Fix provided for Security issues.
Important notes
You must disable the Enhanced Security Mode in Internet Explorer for the Java-based virtual console
and virtual media plug-in to function properly. Else, specify the ActiveX plug-in in the iDRAC6
configuration instead of Java. In addition, you must add the iDRAC6 Web URL to the Intranet security
zone only. Also, this zone settings must be Medium-Low or lesser, for the control to function properly.
To successfully launch Virtual Media, make sure that you have installed a 64-bit JRE version on a 64-
bit operating system with 64-bit browser or a 32-bit JRE version on a 32-bit operating system with 32-
bit browser. iDRAC6 does not support 64-bit ActiveX versions. Also, make sure that for Linux, the
compat-libstdc++-33-3.2.3-61 related package is installed for launching Virtual Media. On Windows,
the package may be included in the .NET framework package.
When the SSL encryption strength is set to "168-bit or higher" or "256-bit or higher" and a downgrade
is performed to firmware version 1.97 or lower, the encryption strength defaults to Auto-negotiate.
After this if you upgrade the firmware to version 1.98, the encryption strength is set to the previously
set "168-bit or higher" or "256-bit or higher" value.
To disable 3DES ciphers, set the SSL encryption strength to "256-bit or higher".