Fixing CVE-2009-3555 in Lotus Domino

Fixing CVE-2009-3555 in Lotus Domino

by John Lawren James • January 18, 2012 • Lotus • 0 Comments

A vulnerability assessment turned up a potential issue with my Domino servers. CVE-2009-3555, or a security concern with SSL renegotiation.

There is an easy work around for Domino, add the following parameter in your notes.ini file.

SSL_DISABLE_RENEGOTIATE=1

Reference:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555

http://www-01.ibm.com/support/docview.wss?uid=swg21430331

Tags: configuration, lotus domino

Tweet

About John Lawren James

John Lawren James writes about Lotus Technologies, IBM Collaboration solutions and the state of the security industry. He lives in Ottawa, Ontario, Canada.

http://www.wildunknown.com
Latest Tweets
- Off to start day one of new job. Hope #octranspo is nice to me.
- According to my daughter, I'm losing my voice because I talk too much. #fb
- Do we buy a new house or not.... #fb
Follow Me
Sidebar

Bad Vendor. Go sit in the corner.

February 14, 2012

Here is a synopsis of a recent project over the last month. — Asked...

Happy Thanksgiving!

November 24, 2011

Just a quick note to wish all of my American friends a happy thanksgiving....

Archives

Tags
admin notes alert antivirus CCLUG configuration DAOS database data breach data loss development disaster recovery education encryption fix pack free government hacking humour ipv6 law laws linux lotus domino lotus notes LUG mail relay me password piracy policy privacy process risk assessment security sharing SMTP TLS Trade Magazines training troubleshooting unix upgrade vulnerability wikimania