CRIME TLS Compression Vulnerability with PGP Universal Server
We are running PGP Universal Server 3.2.1 (Build 4940) and it seems that this server is vulnerable to the new CRIME TLS Compression vulnerability. Has PGP addressed this issue with a patch? A possible workaround for this is to disable TLS Compression. I have looked through the settings of our server and do not see a way to do that. Does anyone have a solution to this problem?
If you scan your PGP server with this site or any security vulnerability application you will get more details about the vulnerability. https://www.ssllabs.com/ssltest/index.html