This article is now available in our new knowledge base: PTFs to mitigate httpoxy on IBM i
Issue
httpoxy is the name for an exploit that can redirect outgoing requests to a malicious site. The identifier is CVE-2016-5387
Environment
IBM i OS 7.1 or 7.2. IBM i 7.3 is not affected.
Resolution
IBM has issued a PTF for IBM HTTP Server that can be applied to mitigate this threat:
For IBM i 7.1, use PTF SI61471
For IBM i 7.2, use PTF SI62159
IBM i 7.3 does not need a PTF.
Comments