« Sametime Audio/Video working in a real world environment, ie one with firewalls. | Main| Integrating Microsoft Lync 2010 with IBM Social Collaboration Environments »

ACT NOW! If you have any Sametime servers accessible outside using LDAP as it's directory source, ACT NOW

Category
Recently IBM business partner Integrasys identified a security risk with IBM Sametime.  Be sure to read this security bulletin and act now!

http://www-01.ibm.com/support/docview.wss?uid=swg21569452

Posted by Carl Tyler On 10/27/2011 | | del.icio.us  Technorati  Digg This 

Comments

Gravatar Image1 - Interesting ... I'll check my server now.

Now I wonder if they'll ever get around to fixing the huge hole in the business cards servlet (see my post here: { Link }

Thanks again! Marc.

Posted by Marc Champoux At 01:56:30 PM On 10/27/2011 | - Website - |


Gravatar Image2 - Is this really necessary for internal facing on ST servers?

Posted by Tim E. Brown At 03:16:46 PM On 10/27/2011 | - Website - |


Gravatar Image3 - I meant internal only ST servers.

Posted by Tim E. Brown At 03:17:50 PM On 10/27/2011 | - Website - |


Gravatar Image4 - @2 & @3 Depends Tim. Would you feel comfortable with an employee out of IT being able to retrieve your LDAP username and password?

Posted by Carl Tyler At 03:20:17 PM On 10/27/2011 | - Website - |


Gravatar Image5 - True. Probably is necessary even internally if it possibly exposes the usernames and passwords for the LDAP bind account. Emoticon

Posted by Tim E. Brown At 03:24:14 PM On 10/27/2011 | - Website - |


Post A Comment

:-D:-o:-p:-x:-(:-):-\:angry::cool::cry::emb::grin::huh::laugh::rolleyes:;-)